kontrola logu

[daymaker]

Dobrý den,

prosím o ko logu. Začaly vyskakovat občas zvláštní okna. Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Marek at 2014-10-24 09:28:58
Microsoft Windows 8.1
System drive C: has 222 GB (78%) free of 286 GB
Total RAM: 6062 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:21, on 24. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\SysWOW64\UMonit64.exe
D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
D:\program files\Origin\Origin.exe
C:\Program Files (x86)\Dialog MIS\Doktor.EXE
C:\Program Files (x86)\Dialog MIS\MSMWS002.DLL
C:\Program Files (x86)\Dialog MIS\Dialog.Goblin.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe
C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = domino.dent.cz:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: eee1ef70083a013208d37190b1a6e5ef0063429 - {11111111-1111-1111-1111-110611341129} - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll
O2 - BHO: BS Player ControlBar B - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\java\bin\ssv.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\java\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O3 - Toolbar: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ROGNB] "C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTRAY.EXED:\Program Files (x86)\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Name Grabber.lnk = C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: SluĹľba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: SluĹľba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HCS.MedConnect.Service - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe
O23 - Service: HCS.MEDCONNECT.SERVICEMANAGER - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13160 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"dwm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
D:\CGMSERVER\bin\core\cgm.servercore.exe
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {94d728cb-ddd2-4a46-8832c34036c6dd7f}
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe"
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"

"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"D:\CGMSERVER\nginx.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss e9eef50e-cf89-49be-bf55-fdb21e6d8919 1
\??\C:\WINDOWS\system32\conhost.exe 0x4

C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
CMD /C ""D:/CGMSERVER/bin/pgsql/bin/postgres.exe" -D "D:/CGMSERVER/data/pgsql" < "nul" 2>&1"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" -D "D:/CGMSERVER/data/pgsql"
"D:\CGMSERVER\nginx.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forklog" "5108" "5112"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkboot" "4988" "-x3"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkboot" "4956" "-x4"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkavlauncher" "4940"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkcol" "4936"
KBFiltr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "4920"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDGesture.exe"
"C:\Windows\SysWOW64\UMonit64.exe"
"D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart B110 series#1405950031" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -check
"C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe"
taskhost.exe $(Arg0)
"D:\program files\Origin\Origin.exe" "origin2://game/launch/?offerIds=1024871,1024872,1023299,1024870,1028693,1028694&title=FIFA%u002015&cmdParams="
"C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Dialog MIS\Doktor.EXE"
MSMWS002.DLL +msmapplid "C:\Program Files (x86)\Dialog MIS\Doktor.EXE"
"C:\Program Files (x86)\Dialog MIS\Dialog.Goblin.exe" PCDENT 20040
"C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32"
"C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32" "C:/Program Files (x86)/Dialog MIS/cgmassist/globalfix/" "C:/Program Files (x86)/Dialog MIS/cgmassist/globalvariable/" C:/Users/Marek/AppData/Roaming/cgmassist/local/ "" TRAYICON ENABLE
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ddd63148-2ec4-4bab-92fb-b66ee2fdb4b3 -SystemEventPortName:HostProcess-81a122a3-3e36-4293-89a8-ea1c51dd8654 -IoCancelEventPortName:HostProcess-fb2d395f-ce3e-43e4-a4c7-c7a0c7168ea8 -NonStateChangingEventPortName:HostProcess-9a34eecd-fce5-4156-aa2a-ff3816702890 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:01be5ef2-a3be-4369-8e89-39dc7d8584c2 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k HPZ12
/mini ContextID:"#Hewlett-Packard#HP Photosmart B110 series#1405950031" LaunchMode:"Auto"
C:\WINDOWS\splwow64.exe 8192
"C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe"

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe76_ Global\UsGthrCtrlFltPipeMssGthrPipe76 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 588 592 600 65536 596
C:\WINDOWS\system32\msiexec.exe /V
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3328339923-2747926138-1126850117-100277_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3328339923-2747926138-1126850117-100277 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\Marek\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-1.job - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe# /rawdata=wLMq8QnZga1hFc7C4stZFptnUs+o5+ySgZFiJqjjyLSyo/x5ChVLZWQNL2Fv2px/85bR5QE+p+LYY6k19TLYEMiioqGoQztrkYvQMkdNyS6uehip65f3ZGDq8pnOcCLZZO3QVVMU7R5ZSUtJT6KFevcl5dBDipsD8KEW1KzaWJ+AAOGcsXFNoIchN6iyZHf7lzKQ0hR91kUG0CG1zJ0JF+VxmGE4k7YqLYVo0jZXTkVExXvRmTP8Lo4RvNAnmaZPGxtvu5OfDqnHdb8PyOopNQj6cPREJqtoajJ2/Ky2to8w8E0peH//GCwcoYt6RdUFr1Ni3lHWIE+PZ+McsELjdx2r48mmRsqGDXt60GIV5eIFPRwWN7r+DYfUUM8G+EWKo7l7ggMrNJZ+Ei1714xPIFNHPQeoiLcBWksRfoItDBFiUUIzUxEqg/Kq8fSlHOgvYnXV+haVnJ04MYhOBf51D/9jCXw+8ludX2rK4cYYUw03MFKpsbUE3MtCnepuKfyQmNrfoNw+qZ1PfE73r1EzNqhxeM0F4VoH7UHRe+RUnH4zDuZlyJgF+wDtkmWx7JFWVKhViqVZverDo1Jg6P47+VZA8d6UOdg8+WocJP2BWXXBCNBHliRlg/qKg/eWFABGOeV9NCP21++9PHlzZsTFd3MuLZa7oL+wjj0RhTzWanKtSzuIqWxoGztO5RCWetkeAsoZB064IB/BlHNRMb86/yj0aaoBxD7ymLrK3K3ZCyGHkagh4qOg3F1MCqkJ8s9M5VtP/7M7XN9PZF/KxhGg0C9xCcE/FGSCFLOMzgYFlFAJ95V5Nhra6DLbQBmjechH7YQeibaz/WviSsnVEDuBnma0aINX7AJkkKUM8YTRwcbNFGE04rMHK8lHYk51ndx5i7Kw1lMFwQycmQGDxToG1OpPJwCE56R4SsIEmUqTtuCc5UmQv9LZs9cKllCF37ESPOYXdvMJqLe2cpLruQkow9wsZvaYJqU0g6Dea/kA+FjWBZphZxsdAz8J7l1TuBm/l9EEeJvxIMB3DUMzaJBCCSdy6jW8zYlnTGAgA/MW4W7JtCp6YUzgahkxAedVdfjozhaI5xw7TQm2NV1m++PUFIitQAqqMkJBLg9uh0AEnt7JxENUiC/UwWIknv43gW/or2Vcw2bJLPcScFobuUHnlN64OVsC5F99yVeYbBwZJDIguA93oS5IFx+o6Up2Umh6tdt93xEF5ubwQx0CyTV2XyS8WfO/45vfHGF21wccAQzykzLahg0nJUp3/7wPbc79zwQJKuTK8QXQJ44oDm3ZheUlTC5d2K7OQcnyAbfhoxLQYnISO1LI1INmqa0axlnQm5cCpfaUnBAXFOJ69Fe+ig==#
C:\WINDOWS\tasks\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-11.job - C:\Program Files (x86)\SavePass 1.1\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-11.exe# /rawdata=wd9H2qP+zPnHaoPhkSf9418BHdrD5Q74VxjeKILHwW5wMaUGPQ7iVZluM1jDJXCDkgxcn5ibQyNWh9hPaHyKwHhdH9ENp29pZ0WvupOkzzvwXoor2Q3XvBTlED3QZ5r3+5k5zQM+JtQKGqZSCOGCKe27teod9PqRoRFyU2nJa8OkA+dphKctVgTFJmaH0aC1QafhAsNS/EOa6GzK7Q6bEQzrKP1Mr1Wx7HMBDJPubBeKuViWF4yweDR5a2p56B+tGJ1NpDd9ItrXtuCDSrdKjMkYm8AnrfjkV9Mxk2lvwxWtrNXhNTdrB2Tw4dRzmXU3we2izDeOSN/IuvaSue/CahfSnqjfhrKkg1pNBtS45rHfB+fJ96HOBWpDPhZFJCWDCupbNgoGad9H+dXjWFIqvPJjHBe7vL5582NklQrv6+csVufC9qfSyIfwEqmZA0qgyDGEijifRgeJVCdvv+D8o+PBdHiP7XQBMMQBCyJ+7poADlI4lzgB7kEk1lwOBBktcaCsqMVMHZ2G9Iq4J60uYjOTC6KokdiwzS3jWITtEviE4HHZG3pN1ZFRztTvzg9wxXElPKqV6YEXgI7VnXLgKS4FdnCxny0wrr/4bYa1o1WEZhY8SOhE4KyGhhcanQCiANq0HImCBEfyo976gUtfqvMlLYKiC5v0Q5QOfBEkQwC7aNJRYvfBLxZHS2F9JZcdvN5eHG2eiBrvwq1n3fv7Dq1jW2qviMH8OvqtZnbxLmOOeXoPSnDswjxAN6NhUfwmO/RCNrEFujDFihTSE32PfK81TftZkA/5WgPt6atyYZdpf9G7EzCEVKjgL9naJDri+k3GQDCwAnGYp13O5o9h645vtPG4ITAdoWoe0RJvNdlVwTeZf4QpQ4Jvu0PAg9RkF3j7RelAZDjwylBbGo9QvLCa2T/6vJkM/Rdz6+d2Pjk4gJFrQJg93rgiB31WzPIfio+AaaP1xAr4HMZ/G8TYVdxcTmk+1aKzbA80Hkrkl8FERP5Tg0LsbNjdmWfOxBzFlt4E9C6cG7DmZgWoub0tTxgSdsBmjhnob7c6mnEAyVebww2RNd8mtd9ZvUSoEKtxQKXViH7AZ4lE3MI2JouMV1c3LY+LP8VASTKg58s4OokU96Td60KLSgSTvJyRhtK5sj7QyKDlOaPJKtRm+NnDmajkgFKiTZLgXcVkeA9oV0SU0vupwXYiuTIL4iuuKP+Y7VSgATElJ9DEt9McD1N1VrkU9g/Ptyh+0Ay9jS6gFhpvaiwk9QsLfdMuJnU1bUdVtrf5VC/dTUKv8vPIm4v0XkqBQtOjp7swW4lvyW7gemdbYJRZs691IeYTzg91ZMprUvftlI7X9YXBemzpSl3WPyT/B4cAGWd0mwOfYS7m3gea7P+mkBqinXFI6Iyiz/Di4BL+jpHA37MPXdEL7WrfynT8M+e/UWL6AF4BQR8oXZzHhdrOT0SZpfH9wr0niEbXVmnHM7dtdAPDOQaJvtX2GLjnoS3yc7xCQkuIOL/67agNH9x9jDCHzWTWqdmOuaU8jEg243A7zyfk1qm9bGSuRdtseZSrI7CTubS/6KeB2gcEzzgZpiky7ziIqGPiUX1WOVgAP+Pd/64bwKr7qszthHeLr/GTERIKEP+k0t70DSMfd50roKDBtflZgZD5GOIXkTXkywloXBwammwTmnRuHlA3kZ8hzIdPV4Gn1LBs34GzPRC90ZWfRRqwFPiLXFEjee9VZ2J6H3e0//Hvw5oxWpzJyFCt4a6IS9m9PBNcgGZo2RuZwm8nPi49tVVx9Mb+KLDz2Kll+lEA+h6lcJ90Z3Fga1/nzEGOa6XOftYUhOOxxX5xMHcmRO7JwPTbfN01dyH+PGRU+eCHWD2FCnoZ6sKjOM3P6HrMbnqF/wZqqz6t3lYJeW9QQvBa8R6uOJiLZTxUnIUnqUBIRe0Oiug5xZhtEbTciyG0j2vtGukl5q/hSz0H+GlwgfxevY4a0XGHcJXgigU9MvfHCh+KnSMpWzWL4wprnHdgl6KDLzJa3eRUi/6tK7hV+t9qJnkgdo48K3hwwA4J9W98kWzZaLixPqJ6F/ZcPILAbWi7hptIrr7AeN50AtSrp1Ns2YS0b8hnRuHSYU/BaZ9ixbp06GJgGSBs0bFOAjOerj8sciDVuVSuV+mvYJJAqXLCzmr5ZXcscbLdrfYkU8+6z4XaFRNZ6zYnxiCXfXGnwHHOWpNZvp4=#
C:\WINDOWS\tasks\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-2.job - C:\Program Files (x86)\SavePass 1.1\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-2.exe# /rawdata=szLgCq8bsrLoAbxBgK3S8PbPugWfVWV7+so9uKEihX46S/rQo8Z8sgWfhh1N1L1BEut5/jLHapA2twP08YIoU4fFlR6fnq2UP4ZEmq/0/dn6vuw4qVOAdFQxYO5+68YL1chgbkzv8H8UD12saQjcWhqfIScnQ22Y+iFYB0pyjvsiJzhQWzzmzJa6J5go9m4VWUnq2ojkUnKpwWuPK0omMgUJD2J4R5qcd+mCmpVMy7zTd30yfHXrzc8G+1NzkG/YMGSETHnbiIXsf/laRl5pTjPK6HZhNk+ETzEP7Y+JQsYCi40y0AFMP+mDbdgjjT5cRnky5bIAPoeQUDumOMR7WgmGfLnST5ssk0UrLhf8kzb7kaeWKDk1p2tm88ntkk/v6sS0AOsBvbDaNC/D5Cez+aKdWcEDBFan6ClGqivbf9fYdvwi23Mn4mJQiD7wOuVh2I6LXZCoi6xuwIZ1KMm/30KeTek9Vru21c9PYAt9V3M0j7CUfB/9rOSAsN6fXu+xvwFzGGw4B7Hw9rq0MBnZiQG2+1ScjBWTW/9YEki5Iww3yFDMAc+dzn4uJS2VuHE5oVWnblFWOhSK7TvbvKWFJDxHuyVHhZ1nwB+YPOd60SMJBZS1RSSQCgCm7HKrkYA8qvU6FiUxIR8apybAdhNZXdYIWnQ29MNa+CGIwErodbeaHpfzwy4jVCDLPt7JJK9Lx02um9z9sykCuu9Y1ZVpgTGgJ6gxKJ5aYeeJtsS3NREFVEwI8FIFeu58lFjRvytMxK1aaVazVF0FgxvgzcFGeezqq+qhbSpmkGdu4xyzyixelLZjVoRNo/GRGjDZ3P26lsfa3o7G9fr9zt/yy1/sJQ==#
C:\WINDOWS\tasks\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-4.job - C:\Program Files (x86)\SavePass 1.1\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-4.exe# /rawdata=FCnCdBRlc2/9DYy6R3RWJvT1zgyEc4PmUdN5MGvJLK9Fhpm7jp+2npjKn/CqYBwJqIVpmLnksRMSYV8U/4bd/pv5s3F6331vM5b4QeDpiZu4poh3fJHBsL/Z4mS5YJ6eVlzpTS+hUmQopY7jsb7f7sZ2G/ZMRZ6m/bcButPcBacCO5uEzI2fg92vOtxJis78ZtxC7dcVVmVU2oO/iiDCMxFpEQ+thB+eP2t1e6jnE3t0nHT0LC5iKnfHSiGwGsMt02wS8K8JfYjuKhQtooLK2c5XuAW0Aowi45exU5uEUHfEoN9pDS4GUC9N821MRydEKBlT6m5zT7/ThkbornxTx5Wcvp/NU1xcHoTAMCDOdjAyAWGCYiZNPa3lK/fwaB6pEULEovhPJsUJBu4tqSSNJN5LQGN/xNIgkTOKw/qnKDI06zNcSWDaJDmiJVPWbcXREE3vUA3ndLIaN+eVQRlgLZbrqhqrI2jQ4NLhklwgUSm6igzSgGqFTEb5CqBStPGXjf2iwZeNYD6eUsr5M7q5OQMn8aVbPg16X/RvHsXS/tWr6f6PzrUQ2s23ietJ9mk+RzM0G1zfiELfhvMsZQMgnwik9a2pf4ZTqMeFJNdm6Y27LGSzDSEvPUTIBj5zROC/fI9IM42WK/5caU7mJs5KUI+4XhZy7ixix4FzdRb31sGz6eQ9A03OQX78lXhNLdylNrQkAcY5yd3uTlehqztYGhlzIx2wKyG2ZnjIeT64AmFbR4up7Rm13D8FTvP8AspFqpPbIG5+PKR+WZrRjebsKiUxfMCyvy0ykqtCLXYOn7m4VHFXtuYitPHtdCWFMPM+Wr9NLo8RBOkQtXS7ZTOvt2bexNr896di/HcPUolIDLedcw8HdGhBgzbemJ9NV7+9tIqMyFRO0Uk0w80nShyBMZc7y0O/uGC80PkyAxBEWKGZZfJ+SDCy3w5mCRgtoy1Eu6e6Al1L2+gE93KIOaGQmAt4K+U0TEZhO63JxoMINza6APiOyOJCT6sshBdKAUrYJxexDNQHjtn30dhYSI2WYqDFP2BtKbOKbXFSPVPP+74G6pTSEXt78aP1m2Ipl7V3vk9o9MLAD9ouaEoJhMjNKfqwWLIaZqTAUmm8koVMneIHurSDAkucLilFayoWeapDyIo/fZs1C1GNxS9fe/Xs04j4ECdLX004woLXIlmUkb+7p0oReCutp5V7ZRBUZ2ORLS4hJFK2OvfRDKuYRGSu19Y0cgPsUQDU3SKCzfEZVK+tqVvgrP9B0qCkdgbPBeWLBkZyGs03C9UrviQEMdvYO1y3iiQImmfSRwyq4hp7+bxThlExOZLV0Wbg8bLfOjsYNw+MrgSxTxyMgLqwlaqb8y60gUy9YwTBxeizRKoMxZCL9AV4KMa+5pQISHhcZAxIRrkjOqteGJy2idHUkdeS92L9WmzUFRRQk+s5ifrNrS2JHqfZ75+epHHn5zAVdk1YETkWKkbdMopSnsyk8WkwHtBdelwdbFmm3Wa5R6hHzHVn8PT9uN4hGEoOyiqOfhuQLiRzHYRR8/P+uOmq+5M5oDCNTCz8WNQI+UKBnAWSGtQDTkD1sXvBd7X5kgIXhiVKrvvm0Ap2zkXE6fCsD7vJCn5EtxG20oKWATRg5vlo/v7O3WzwP/EmhIvXTBDVeDHl5VLcMmOVT+B66eYdorFUrlmbfsZxBu8UI4naBDTCTxFmEGLfFZpOOxWD4fyVhGaxBLsE/VYkP67APq8QiNd1pOhjBcncXhnzOCwdzOOjTyhuMMLQlT2RItrENvITr7kY82ZejHwQsH/Ki0AvfAQwuLbeBlUctuyDQ7U8vC8Z+pRlMlKZpfDhX2iG0nKNuzYlee1Y89Q2GK2y4afFN/II3w==#
C:\WINDOWS\tasks\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-5.job - C:\Program Files (x86)\SavePass 1.1\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-5.exe# /rawdata=T5VNHCJRsTrFr5INWpeDamKMA/EXIjVjxJDElQINOWv0AUoRn80ZcHsTC+3zu0A5BOX2zW4tIc/DElsrALqZUKV/C2fp7fnRhOf9OcvEH420rQOE/HlxqJUfJE21O6FP8zYZmv2+Yw6q/meCbz0xD9iW+vbIx8n8iaH3QFFyU5m7o6EXnL6npqXH0b7mEEh6U2DR6/BoDaCvPzAASolxj1evznbnIC/a6u3KpZS1ZErb6DZEozwaa81F96s/WHQm1OnGNbZyMLJo8LojptOk6Ee49ecyeMLtt2DfgLEvfOKDPFqmRGTjsYOlGT1hfGHDQt3HtVYjUbbXjHdTqvHOsEddfaAGH3r2Xl4+8SoImKD1mVX2fFKPXcaevM1acmjwKx2QXTPjtS6q2mksROODUu6TCV5DtOhKVmZGa7bjO7OPNZluUT4Dco1lRs48UoHEW8s4ChkGFlAg8Wl5mFCSGHaoGwVV6ZTpsvcMdOOygof/oyFRxkkyqEoan5cqEgz+anB6QcC6xGfKdB+MyPxJHdgJxK9iAtSNIiTKc4/dXoMkdb1o8oVYSRk+CFQ+bEGYCM1WAqKWyqpUV5shpaZKji42mKO8VDU+WWeqqAHHJGXKCwuFAW5i7IquM76biFdCp9kb5+MZAWNqlcRMFE3iQSIeKz7aHlIz0I1qzNunUUPE18DlnpXeQ3H+EIF8rtEEUdhxC2/L7a2EIe0WzBwA+x+JuO05TzVeCykPpIZMI/jBAinstTYxG0hHjg/+HUT4OYOXGC+6+I0OowPxe01nzdpugOiRviYFrWcBKAyxDo3rDqGqmV2ERD/GtcHjpFmKQolNBTNE4SArJmUF8yaksan16JMsVrGPPV3+cKkZPf69z/KEXdWk4n+mHoYUO2vtL5VSGMRxj+GghcFgY3defgO5f2lh55O9R00an7rpd0y+yei/Xo61TIOLv4MNrzFioYcUXnm00mI0V70waL7R6XLU1JyWwrKti+F9MoHFIr2n4f4Up9BEmY6/lbVLhqXO#
C:\WINDOWS\tasks\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-5_user.job - C:\Program Files (x86)\SavePass 1.1\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-5.exe# /rawdata=T5VNHCJRsTrFr5INWpeDamKMA/EXIjVjxJDElQINOWv0AUoRn80ZcHsTC+3zu0A5BOX2zW4tIc/DElsrALqZUKV/C2fp7fnRhOf9OcvEH420rQOE/HlxqJUfJE21O6FP8zYZmv2+Yw6q/meCbz0xD9iW+vbIx8n8iaH3QFFyU5m7o6EXnL6npqXH0b7mEEh6U2DR6/BoDaCvPzAASolxj1evznbnIC/a6u3KpZS1ZErb6DZEozwaa81F96s/WHQm1OnGNbZyMLJo8LojptOk6Ee49ecyeMLtt2DfgLEvfOKDPFqmRGTjsYOlGT1hfGHDQt3HtVYjUbbXjHdTqvHOsEddfaAGH3r2Xl4+8SoImKD1mVX2fFKPXcaevM1acmjwKx2QXTPjtS6q2mksROODUu6TCV5DtOhKVmZGa7bjO7OPNZluUT4Dco1lRs48UoHEW8s4ChkGFlAg8Wl5mFCSGHaoGwVV6ZTpsvcMdOOygof/oyFRxkkyqEoan5cqEgz+anB6QcC6xGfKdB+MyPxJHdgJxK9iAtSNIiTKc4/dXoMkdb1o8oVYSRk+CFQ+bEGYCM1WAqKWyqpUV5shpaZKji42mKO8VDU+WWeqqAHHJGXKCwuFAW5i7IquM76biFdCp9kb5+MZAWNqlcRMFE3iQSIeKz7aHlIz0I1qzNunUUPE18DlnpXeQ3H+EIF8rtEEUdhxC2/L7a2EIe0WzBwA+x+JuO05TzVeCykPpIZMI/jBAinstTYxG0hHjg/+HUT4OYOXGC+6+I0OowPxe01nzdpugOiRviYFrWcBKAyxDo3rDqGqmV2ERD/GtcHjpFmKQolNBTNE4SArJmUF8yaksRRDCqYxxFpQhJsS8I2ere+HmPM4Wx3bZvHRHWH909WagIG6Pe8AcRf5wZf3NeMhyxl63Tx5vFQwGUP5+bpr2rVASj+vj6Zk919TTBrjVokkx4V5BF/dJvFfVhIakll2696FBUb1oFq2I5AgvL+7HknQd0rDjItDa67CmkG/JjCK#
C:\WINDOWS\tasks\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-6.job - C:\Program Files (x86)\SavePass 1.1\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-6.exe# /rawdata=mXKBeDKBItL3swDd+YSnqH7Xq44izh16NIdLN4FpIL6DdHADkKVrjdk1jEL7+3Vo+AOVD5BDJNTrYhIuzUyjKeU2OsXwFx6z3bhgC4IXoObORwQL3WiWHuvv6JyOmOi0YHiraVM4++bjgCN4FEXeUKVeP/lheFBJNE3zniDL7SvDumgIkYDUvTnvf29dULyOQuuspJTC1+sE0fXX7zDoc1LKmYJL7+ZLdL+kLZy8KBi0/vBMtUmffRUhppNL2CqNvTgcJB3v+MPQs1JkrTlgYC8YXgdgMbv5jC7RiFvRrCta+jJyKPJDtwdUd35NI+iPXDyfeMqtZH0M5Jj/26DtrQg5cjmk732HpI3NcpS1d18dFKGd7Zl7UFyR9beu96zPt35XUi4xdaKZxMuAihaJKl5nimr04ZOV7AxAFsysqhKx4QxnzIrnPitFf8nCYl5Yrcmgz7TcVro7H0DdpkLGwM1PkPvvFGze8CTHBozCPK4BRfqlnvNk7xiQCT3NX/y7uZbSLi4RG9tVTQZ7M4U1hTIqtGByDGg9Ok51j162fmLJLZgd2+0QsRx1uHFVexQR6QgB/aBRbB8Fu0iUzOwXbmTVckBNCltdBHSkVihqv2nCSy3Ye/n9HHuvA223aPjjhdUocih+5rNZFcE7hlza0TvuJhYRsdmGzYUEWLufH2h2GpnkZ++653oeNpEGWUNqprwkIv4kIt0A52G/l+xSgjUo+WRSzG66ey35jSgNSuVmv3AoveZmygk4KBTj8AMqAK3vbDDDUKq+Ery+oJOetE2dTv+qbhbTH435JCPAOArZDPCXqI2hvZtDk0M2e7j6PskesFjesBy8nR2OLdWSdLwxvNnyzWawvV6Pyl6+oim+ahCyu5XckLDAEpm/A3dfYwEvb6/nKbdj3yMRdYpwnegskSxVJ1JEGwCPXkXpF+/Pu192DW+dvQ1xzg81Fo8FrHaVODyDzX3g+kuIEW55GuPLJBkan02NoSfwFy7JkSSYTzf4T9bV/btPfz9WyLG7eLoWvUFeVsrKDAePPeTa+ViQ7wrfiHYT4OA1MsEDWbcjJHRJ7Mvw8QL4UOzbs0WjX+X6R1IQeGrEK30gN5IG4EhIP4aiXJdGPYU+5MJncp0lIQHqiphffTZ/78bfL58TE84MJfMMrd7QL/BZDg3jz0BAKL0qpRnLN+PgcNqW3YmK+FX7hx/vOh72lNKSqexoBYSqBq/ZLtTlZDOa99eIWMDtUXMhbbcrR3o11MqX1T4OXBBJ4Fy50dLA6kpHN9Sp13Dv6x/BYCDVcPg/FcSqiuEK7VbrkPvVHBzB19Nq/9GbrTpYEi/5SUR1I/szBJ5oyrpgcxSxWfCL5Bhy0RNvtnNonqiYANq92bLuishCYmS4RC+fI9VLBf4plipj5xFWXFGhvcvcdn+6GjA9DYdSEEqMCv1Jc5t/S8UYSbOdgOdh83STfz17Huu3qdOyn7vngvjJ6YkH41U9EKOAhQzuaC0wylE1u7LVjBrh5DBQqnI51bsy6zSfh3U7M8Emd4z6NTUFwYNYllSFX3NtwJvuBH0/J2sZUHd23ux8ezUxn6QFxhXGyRGT2+r50uzN0bEbyACMLSXPKO8jhB/5KkGCQV0Oz2FMwhMGTTGAnEdM4gLppUS7H6xf9RFsQuCw8as9kav3yIWZKI5KFOFaYbm8Z4hex51HH2o2P4skwYHd/E0QCfC+CFvGRT5k77Y+RhtT7r6+KOknkLaKwCKH9Wk8uNAp6BhqkmQS5kuc7ofxSbNohyTIgIY+evHEa5PXPwVQ2Ow124TSmOCxBGeKWs7tyTrC5zYq3EntFzjfVT57+kfcO/W9R6bd99EHiusWrAqkq+ogXwEwtpesibuF500ZgQ==#
C:\WINDOWS\tasks\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-7.job - C:\Program Files (x86)\SavePass 1.1\6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-7.exe# /rawdata=OQa98FAFB1thad6OAMW60Ci+qvNGWWTEtVCdXrl9lfu0UKMz4m/Hh+2Xxyxt/P3T4JH7xDrBFKCJVLBah558pkA1a/Nbu2vTbSS8D/jOgPX1Tvt0T92DZc+tsT3KfjSQ3+FxV6xQ2wf8Bq7MPz8viAHnkuBhrvTSnHdc8LnPbJoL6lTqK2m0rY+lAhjmB8KDURgH0sGoSIsuG25CncLybiRT8En+lFJGXz3Z2288c3K2+cexTyyO73woRvD1u5Zrfo9F/ONGZCi9apLQa1HNSIG99iQjcTfmugNA6wNVjPBQnwIXxVm22IpdM9PtpBhc8I5e22D4FSp5nPFNIbcMwmf3o/pkTT2/FR6fjblQv8bMlzDUR+3Px8nlTO4yifnFVY8SQZu6GKyozqVcjcLulqt0PI88Po7KLOY3ajDNhVFVuFc0qugc3zKe+1p/g3+9a91OxyQurtw4nGuAlZ0Rd+YUMEdUHbAEqem/HIBzp1GxPZzH6sH9AmqRHb8Y14uTEbXkHTWeETqsMTJ9iSP5AnjZ59SK8uNAz/PO/O2ZoM9oRei5RK5B8DQ7IsM0i2tcRsO0WVIiY95I+x/QVG5KUiO8UcHM/X1OGD4lxWIJCW6apcAc3a364+ANVFwcVXHi8Xm6rSRbn8Mo4KkjZZHR8/Ig4sDVpgLZodrdnsGXcCphTzdV02L1yDDgAjrJ37NP8dFX2n3jOMjfw/Ivhz9ebsgUvi6Qy3AI1RzhteDfkdUbi2UjjDxIYMocaMyT2NJ4daGuOflqJfa7BiCsDBuoHnMzBC9GcMFxRnQt9RaX9h1Zn8FwNNJRgT5fCP+nnkdBMIHMEe5GKhaIh/Chf5Sv4w8EPPtOYSHw4cfT0SAywOO8JmJUBlN/roBXNn5vcDKNUEFabqBRB3v9qhx2bxdEBl0rksZDhFwlmaTh88qPVRcpwXfnVComkImgjoeJdeFHwt7ldvaDDwITqqi9DmMoWB3T+mzq1t9x7AbFCbPPBeTPUGY7O6d6as4ZjkFK7Jhaab0j65JSb69k0Cxu2oPWiiAw3lm39DA3E98NHKip1Ut6pzGrcHmLJ7MslXfngmMSs1PRJsSdq6BiUYLM8/D3WB1O/fk8pPL7ItUg9cB0cfvUhViNuZ4NxE9qvKgYI3JOAV8xDDG/QACbYuRPkCpT2TJiz4DOdGLVo4vOPjLcbe++IcnsKlk/N7YkOYz6d1D5xXhty79jO55zZJQ9HEwFYmdUOf+Ydj07MglWyomnwHAQp3l/oxodwA/MDwyZysY9/rb1jnfsmGrnGtpJYNYum9Rii9NNRdIDJijezNe0hPzYb0H8l9OGATYV73DHtWBfFyEXbklY/BgKR7hIFe+0KjLBEjiScwEoXtDWRUSxNkL180HpvPq7ngOrgGXgJQJ06uQlYN/bFQzpoMpLq1un71q8RC6Pcd3ie68Bcgiy+kfDVVu2ddp29w17qksvrNJxR28+FooYQxLdSwyEOzXIB5uA0t+oU7gL/ynz+//luRNWTZmVSOMh2IBT3Eqv9RnLcmHyjvtJXZKx9FnL+2MNNBS7UHPz9eqw84jvk+jgXljsbSAqzwh780XTwlZIMdGkGqoIbTDEpl7nZk/8dI3+kGDZEkGjYdHUBfR7nV7Y6/YJNvHC3haW6yLVkDpjk9CiU1RQtLwDuD99UFzXycRmWrwIpjevnR31nbgufl+Xv48=#
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe# /c#
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe# /ua /installsource scheduler#
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c#
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
SavePass 1.1 - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho64.dll [2014-10-18 826784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-03 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-13 66176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-03 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12 715016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}]
SavePass 1.1 - C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll [2014-10-18 608672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}]
BS Player ControlBar B Toolbar - C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-04-10 423744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files (x86)\java\bin\ssv.dll [2014-09-26 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files (x86)\java\bin\jp2ssv.dll [2014-09-26 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12 606472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31264A33-A653-46C4-AF49-1232C59A7DA5} - BS Player ControlBar B Toolbar - C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-04-10 423744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]
{31264a33-a653-46c4-af49-1232c59a7da5} - BS Player ControlBar B Toolbar - C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-04-10 423744]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-06-25 13626072]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-06-05 1311304]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-04-11 2890128]
"UMonit64"=C:\Windows\SysWOW64\UMonit64.exe [2013-03-14 40960]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-08-09 1283136]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-09 2403288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-06-13 132736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\program files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Zoner Photo Studio Service 16"=D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-06-16 833024]
"Zoner Photo Studio Autoupdate"=D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-06-16 833024]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]
"ROGNB"=C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [2011-09-19 466944]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-04-23 311616]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-06-13 132736]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe

C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Name Grabber.lnk - C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-24 09:28:58 ----D---- C:\rsit
2014-10-24 09:28:58 ----D---- C:\Program Files\trend micro
2014-10-18 08:32:27 ----D---- C:\Program Files (x86)\globalUpdate
2014-10-18 08:32:09 ----D---- C:\Program Files (x86)\SavePass 1.1
2014-10-17 19:59:44 ----A---- C:\WINDOWS\SYSWOW64\ispnet.dll
2014-10-17 18:23:16 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_39.dll
2014-10-17 18:23:16 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2014-10-17 18:23:15 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_39.dll
2014-10-17 18:23:15 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2014-10-17 18:23:13 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_39.dll
2014-10-17 18:23:13 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2014-10-17 18:22:29 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2014-10-17 18:22:19 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-17 18:22:19 ----A---- C:\WINDOWS\SYSWOW64\javaw.exe
2014-10-17 18:22:19 ----A---- C:\WINDOWS\SYSWOW64\java.exe
2014-10-17 18:13:33 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-10-15 16:47:36 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 16:45:39 ----A---- C:\WINDOWS\system32\win32k.sys
2014-10-15 16:45:24 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2014-10-15 16:45:24 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 16:45:23 ----A---- C:\WINDOWS\system32\winbici.dll
2014-10-15 16:45:14 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-10-15 16:45:14 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-10-15 16:45:14 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-10-15 16:45:14 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-10-15 16:45:13 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-10-15 16:45:13 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-10-15 16:45:13 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-10-15 16:45:13 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-10-15 16:45:13 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 16:45:13 ----A---- C:\WINDOWS\system32\wups2.dll
2014-10-15 16:45:13 ----A---- C:\WINDOWS\system32\wups.dll
2014-10-15 16:45:13 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-10-15 16:45:13 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-10-15 16:45:13 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-10-15 16:45:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-10-15 16:45:08 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-10-15 16:44:57 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-10-15 16:44:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-10-15 16:44:52 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-10-15 16:44:51 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-10-15 16:44:50 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-10-15 16:44:49 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-10-15 16:44:49 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-10-15 16:44:49 ----A---- C:\WINDOWS\system32\wininet.dll
2014-10-15 16:44:49 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-10-15 16:44:48 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-10-15 16:44:48 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-10-15 16:44:48 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-10-15 16:44:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-10-15 16:44:48 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 16:44:48 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 16:44:47 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 16:44:47 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-10-15 16:42:57 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2014-10-15 16:42:57 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-10-15 16:42:57 ----A---- C:\WINDOWS\system32\rastls.dll
2014-10-15 16:42:57 ----A---- C:\WINDOWS\system32\packager.dll
2014-10-15 16:42:34 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-10-15 16:42:34 ----A---- C:\WINDOWS\system32\authui.dll
2014-10-15 16:42:34 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-10-15 16:42:30 ----A---- C:\WINDOWS\system32\shell32.dll
2014-10-15 16:42:28 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 16:42:27 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-10-15 16:42:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-10-15 16:42:25 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-10-15 16:42:25 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-10-15 16:42:24 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 16:42:24 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-10-15 16:42:23 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 16:42:23 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-10-15 16:42:22 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-10-15 16:42:22 ----A---- C:\WINDOWS\system32\propsys.dll
2014-10-15 16:42:22 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-10-15 16:42:21 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-10-15 16:42:21 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2014-10-15 16:42:21 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-10-15 16:42:21 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2014-10-15 16:42:21 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-10-15 16:42:21 ----A---- C:\WINDOWS\system32\Wldap32.dll
2014-10-15 16:42:21 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 16:42:20 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-10-15 16:42:20 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 16:42:20 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 16:42:20 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 16:42:20 ----A---- C:\WINDOWS\system32\bisrv.dll
2014-10-15 16:42:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 16:42:19 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-10-15 16:42:19 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 16:42:19 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 16:42:19 ----A---- C:\WINDOWS\system32\ProximityService.dll
2014-10-15 16:42:19 ----A---- C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 16:42:19 ----A---- C:\WINDOWS\system32\httpprxm.dll
2014-10-15 16:42:19 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-10-15 16:42:19 ----A---- C:\WINDOWS\system32\adhsvc.dll
2014-10-15 16:39:47 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-10-15 16:39:47 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-10-15 16:39:46 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-10-15 16:39:46 ----A---- C:\WINDOWS\system32\msi.dll
2014-10-15 16:39:46 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-10-12 20:09:45 ----RD---- C:\Program Files (x86)\Skype

======List of files/folders modified in the last 1 month======

2014-10-24 09:29:06 ----D---- C:\WINDOWS\Prefetch
2014-10-24 09:28:58 ----RD---- C:\Program Files
2014-10-24 09:28:45 ----SHD---- C:\WINDOWS\Installer
2014-10-24 09:28:45 ----D---- C:\WINDOWS\Temp
2014-10-24 09:28:38 ----HD---- C:\Config.Msi
2014-10-24 09:28:35 ----D---- C:\Program Files\Adblock Plus for IE
2014-10-24 09:28:01 ----SHD---- C:\System Volume Information
2014-10-24 09:25:53 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2014-10-24 09:00:01 ----D---- C:\WINDOWS\system32\sru
2014-10-24 08:59:59 ----D---- C:\Program Files (x86)\Google
2014-10-23 14:38:52 ----RD---- C:\Program Files (x86)
2014-10-23 14:38:49 ----D---- C:\WINDOWS\Tasks
2014-10-23 09:09:04 ----D---- C:\WINDOWS\SoftwareDistribution
2014-10-23 09:09:03 ----D---- C:\Windows
2014-10-22 19:43:17 ----D---- C:\WINDOWS\Inf
2014-10-22 19:43:17 ----D---- C:\WINDOWS\debug
2014-10-22 18:50:40 ----D---- C:\Program Files (x86)\Dialog MIS
2014-10-22 13:47:42 ----D---- C:\WINDOWS\system32\config
2014-10-22 13:44:52 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-22 10:29:53 ----HD---- C:\Program Files\WindowsApps
2014-10-22 10:29:38 ----D---- C:\WINDOWS\AppReadiness
2014-10-21 19:14:06 ----D---- C:\ProgramData\Origin
2014-10-21 18:42:15 ----D---- C:\WINDOWS\system32\Tasks
2014-10-21 14:43:22 ----D---- C:\ProgramData\NVIDIA
2014-10-21 13:32:31 ----RD---- C:\WINDOWS\System32
2014-10-21 13:32:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-20 17:14:59 ----D---- C:\WINDOWS\system32\DriverStore
2014-10-20 15:18:48 ----RSD---- C:\WINDOWS\assembly
2014-10-20 15:17:49 ----D---- C:\WINDOWS\rescache
2014-10-20 15:13:05 ----D---- C:\WINDOWS\WinSxS
2014-10-18 08:44:16 ----D---- C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite
2014-10-18 08:44:09 ----D---- C:\WINDOWS\Logs
2014-10-17 19:59:44 ----D---- C:\WINDOWS\SysWOW64
2014-10-17 19:19:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-17 18:22:43 ----D---- C:\ProgramData\Oracle
2014-10-17 18:22:34 ----D---- C:\Program Files (x86)\Common Files
2014-10-17 18:09:19 ----D---- C:\WINDOWS\MediaViewer
2014-10-17 18:09:18 ----D---- C:\WINDOWS\FileManager
2014-10-17 18:09:18 ----D---- C:\WINDOWS\Camera
2014-10-17 18:09:14 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-17 18:09:13 ----D---- C:\Program Files\Internet Explorer
2014-10-17 18:09:10 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-10-17 18:09:08 ----D---- C:\WINDOWS\system32\cs-CZ
2014-10-17 18:09:03 ----RD---- C:\WINDOWS\ToastData
2014-10-17 18:08:59 ----D---- C:\WINDOWS\WinStore
2014-10-17 18:08:56 ----D---- C:\WINDOWS\system32\drivers
2014-10-17 18:05:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-10-17 10:50:53 ----D---- C:\WINDOWS\CbsTemp
2014-10-16 21:12:05 ----D---- C:\Program Files\CCleaner
2014-10-16 14:14:45 ----D---- C:\WINDOWS\system32\catroot
2014-10-15 16:48:42 ----D---- C:\WINDOWS\system32\MRT
2014-10-15 16:48:26 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-15 16:47:47 ----SD---- C:\WINDOWS\system32\CompatTel
2014-10-15 16:40:30 ----D---- C:\WINDOWS\system32\catroot2
2014-10-15 15:03:01 ----D---- C:\WINDOWS\system32\NDF
2014-10-14 14:10:21 ----SD---- C:\ProgramData\Microsoft
2014-10-12 20:09:53 ----D---- C:\ProgramData\Skype
2014-10-01 07:51:43 ----D---- C:\Program Files\Windows Journal
2014-10-01 07:51:42 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-10-01 07:51:42 ----D---- C:\WINDOWS\SYSWOW64\setup
2014-10-01 07:51:38 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-10-01 07:51:38 ----D---- C:\WINDOWS\system32\wbem
2014-10-01 07:51:38 ----D---- C:\WINDOWS\system32\setup
2014-10-01 07:51:38 ----D---- C:\WINDOWS\system32\oobe
2014-10-01 07:51:38 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-10-01 07:51:38 ----D---- C:\WINDOWS\system32\Boot
2014-10-01 07:51:35 ----RSD---- C:\WINDOWS\Fonts
2014-10-01 07:51:35 ----D---- C:\WINDOWS\apppatch
2014-10-01 07:51:34 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-10-01 07:51:34 ----D---- C:\WINDOWS\SYSWOW64\InputMethod
2014-10-01 07:51:33 ----D---- C:\WINDOWS\system32\migration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-05-03 677360]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 dtsoftbus01;@oem1.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-02-08 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 plctrl;plctrl; \??\C:\Program Files\ASUS\P4G\plctrl.sys [2013-06-19 18232]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 AthBTPort;@oem10.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-06-13 89800]
R3 athr;@oem24.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-21 3873792]
R3 BTATH_A2DP;@oem9.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-06-13 347336]
R3 btath_avdt;@oem9.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-06-13 115912]
R3 BTATH_BUS;@oem6.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-06-13 34384]
R3 BTATH_HCRP;@oem12.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-06-13 179432]
R3 BTATH_LWFLT;@oem15.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-06-13 77464]
R3 BTATH_RCP;@oem17.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-06-13 136784]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;SluĹľba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2014-05-07 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;OvladaÄŤ rozhranĂ­ USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 dot4;@oem26.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
R3 Dot4Print;@oem27.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
R3 dot4usb;@oem26.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
R3 ETD;@oem14.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-04-11 363920]
R3 HIDSwitch;@oem18.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-06-25 3462616]
R3 kbfiltr;@oem16.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@oem4.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-04-26 129224]
R3 MEIx64;@oem13.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-05-15 64624]
R3 NVHDA;@oem87.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-07-02 12866008]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-08-09 20440]
R3 nvvad_WaveExtensible;@oem83.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-05-07 167424]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;OvladaÄŤ skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;OvladaÄŤ portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 dg_ssudbus;@oem67.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 ssudmdm;@oem70.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-06-19 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-06-13 312448]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 cgm.ebooking-1;cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [2014-06-16 42896]
R2 cgm.servercore;cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [2014-05-13 59280]
R2 HCS.MEDCONNECT.SERVICEMANAGER;HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [2013-11-19 84480]
R2 hpqddsvc;SluĹľba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-05-15 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-15 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-15 366552]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-08-09 1720792]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-08-09 18973144]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-07-02 935368]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [2014-04-10 350528]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2013-02-19 2417504]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-18 68608]
S2 gupdate;SluĹľba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-26 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-18 68608]
S3 gupdatem;SluĹľba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-26 116648]
S3 HCS.MedConnect.Service;HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [2013-11-19 45568]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]

-----------------EOF-----------------

[altrok]

Zdravim Vas,

hned na uvod Vas pozadam o presne dodrzeni postupu

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

• Stahnete a ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/,
• ukoncete vsechny programy,
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem),
• kliknete na Scan, pote na Clean,
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi.

dejte novy log FRST (prilozte i Addition.txt) - http://forum.viry.cz/viewtopic.php?f=30&t=133101

stale vyskakuji reklamni okna?

[daymaker]

zde log, díky

# AdwCleaner v4.001 - Report created 24/10/2014 at 13:10:07
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Marek - MAREKNB
# Running from : C:\Users\Marek\Desktop\adwcleaner_4.001.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : TBSrv

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Users\Marek\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Marek\AppData\LocalLow\PriceGong
Folder Deleted : C:\ProgramData\Tbccint
Folder Deleted : C:\Program Files (x86)\Tbccint
Folder Deleted : C:\Users\Marek\AppData\Local\Tbccint
Folder Deleted : C:\Users\Marek\AppData\LocalLow\Tbccint
Folder Deleted : C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B
Folder Deleted : C:\Program Files (x86)\SavePass 1.1
File Deleted : C:\END

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-1
Task Deleted : 6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-11
Task Deleted : 6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-2
Task Deleted : 6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-4
Task Deleted : 6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-5
Task Deleted : 6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-5_user
Task Deleted : 6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-6
Task Deleted : 6fe9931a-f2a5-4563-a8ad-0ffb0525aaba-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655345529}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666346629}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644344429}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611341129}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611341129}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622342229}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655345529}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666346629}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SavePass 1.1
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
Key Deleted : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\SavePass 1.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavePass 1.1
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - domino.dent.cz:3128

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


*************************

AdwCleaner[R0].txt - [13991 octets] - [24/10/2014 13:07:54]
AdwCleaner[S0].txt - [12494 octets] - [24/10/2014 13:10:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12555 octets] ##########

[altrok]

stale vyskakuji reklamni okna?

dejte novy log FRST (prilozte i Addition.txt) - http://forum.viry.cz/viewtopic.php?f=30&t=133101

[daymaker]

Okna zmizela...

log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Marek (administrator) on MAREKNB on 24-10-2014 13:38:55
Running from C:\Users\Marek\Desktop
Loaded Profile: Marek (Available profiles: Marek)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft) D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
(Microsoft) D:\CGMSERVER\bin\core\cgm.servercore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(HCS GmbH) D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
() D:\CGMSERVER\nginx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
() D:\CGMSERVER\nginx.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
() C:\Windows\SysWOW64\UMonit64.exe
(ZONER software) D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apteryx, Inc.) C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(DIALOG MIS LTD.) C:\Program Files (x86)\Dialog MIS\Doktor.EXE
(Micronetics Design Corporation) C:\Program Files (x86)\Dialog MIS\msmws002.dll
(Compu Group Medical Česká republika s.r.o.) C:\Program Files (x86)\Dialog MIS\dialog.goblin.exe
(CompuGroup Medical) C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32.exe
(CompuGroup Medical) C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32.exe
(Apteryx, Inc.) C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890128 2013-04-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] ()
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [466944 2011-09-19] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-13] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [DAEMON Tools Lite] => D:\program files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [Zoner Photo Studio Service 16] => D:\Program Files (x86)\Photo Studio 16\Program32\ZPSService.exe [27648 2014-06-16] ()
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [Zoner Photo Studio Autoupdate] => D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {67ce5ad7-2b96-11e3-be7b-240a6474b392} - "F:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {f6a724d8-90ee-11e3-be8b-240a6474b392} - "F:\AutoRun.exe"
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {f71aae25-4873-11e4-bea1-240a6474b392} - "H:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Name Grabber.lnk
ShortcutTarget: Name Grabber.lnk -> C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe (Apteryx, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKCU - DefaultScope {91260B3B-C372-40B5-8CDA-E3E4176959D4} URL = http://search.zonealarm.com/search?src= ... ver=&&r=78
SearchScopes: HKCU - {91260B3B-C372-40B5-8CDA-E3E4176959D4} URL = http://search.zonealarm.com/search?src= ... ver=&&r=78
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\java\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> D:\Program Files (x86)\java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> D:\Program Files (x86)\java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-13] (Windows (R) Win 7 DDK provider)
R2 cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [42896 2014-06-16] (Microsoft)
R2 cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [59280 2014-05-13] (Microsoft)
S3 HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [45568 2013-11-19] (HCS GmbH) [File not signed]
R2 HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [84480 2013-11-19] (HCS GmbH) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-15] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-15] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-13] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-13] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2014-05-07] (Microsoft Corporation)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-08] (Disc Soft Ltd)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [18232 2013-06-19] (ASUSTek Computer Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 13:38 - 2014-10-24 13:39 - 00020863 _____ () C:\Users\Marek\Desktop\FRST.txt
2014-10-24 13:38 - 2014-10-24 13:39 - 00000000 ____D () C:\FRST
2014-10-24 13:38 - 2014-10-24 13:38 - 02112000 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2014-10-24 13:36 - 2014-10-24 13:36 - 00029696 _____ () C:\Users\Marek\AppData\Local\MSGBOX.EXE
2014-10-24 13:36 - 2014-10-24 13:36 - 00000856 _____ () C:\Users\Marek\Downloads\Hudba – zástupce.lnk
2014-10-24 13:10 - 2014-10-24 13:10 - 00000546 _____ () C:\WINDOWS\PFRO.log
2014-10-24 13:07 - 2014-10-24 13:23 - 00000000 ____D () C:\AdwCleaner
2014-10-24 12:06 - 2014-10-24 12:06 - 01962496 _____ () C:\Users\Marek\Desktop\adwcleaner_4.001.exe
2014-10-24 09:28 - 2014-10-24 10:22 - 00000000 ____D () C:\rsit
2014-10-24 09:28 - 2014-10-24 09:29 - 00000000 ____D () C:\Program Files\trend micro
2014-10-24 09:27 - 2014-10-24 09:27 - 01222144 _____ () C:\Users\Marek\Desktop\RSITx64.exe
2014-10-24 08:59 - 2014-10-24 08:59 - 00000000 __SHD () C:\Users\Marek\AppData\Local\EmieUserList
2014-10-24 08:59 - 2014-10-24 08:59 - 00000000 __SHD () C:\Users\Marek\AppData\Local\EmieSiteList
2014-10-23 09:09 - 2014-10-24 13:38 - 00236002 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-21 11:42 - 2014-10-21 11:42 - 00000000 _____ () C:\Users\Marek\Desktop\připravit plán.txt
2014-10-21 08:52 - 2014-10-21 08:52 - 00007153 _____ () C:\Users\Marek\Downloads\231917349_1_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_PVPOJ-B5BB269092CC418FA2BC49F4A3E1AB5E-231662545.html
2014-10-21 08:51 - 2014-10-21 08:51 - 00006002 _____ () C:\Users\Marek\Downloads\231917349_0_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_PVPOJ-B5BB269092CC418FA2BC49F4A3E1AB5E-231662545.xml
2014-10-18 08:46 - 2014-10-18 08:49 - 00000000 ____D () C:\Users\Marek\Documents\FIFA 15
2014-10-18 08:27 - 2014-10-18 08:27 - 01015879 _____ () C:\Users\Marek\Downloads\Installer (Right Click then select extract all).zip
2014-10-17 19:59 - 2014-10-17 19:59 - 00674930 _____ (Key Customizer,Inc. ) C:\Users\Marek\Downloads\kcsetup.exe
2014-10-17 19:59 - 2014-10-17 19:59 - 00000003 _____ () C:\WINDOWS\SysWOW64\ispnet.dll
2014-10-17 18:29 - 2014-10-17 18:29 - 00000000 ____D () C:\Users\Marek\Documents\My Games
2014-10-17 18:23 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-10-17 18:23 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-10-17 18:23 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-10-17 18:23 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-10-17 18:23 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-10-17 18:23 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-10-17 18:22 - 2014-09-26 18:42 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-10-17 18:22 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-10-17 18:22 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-10-17 18:22 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-10-17 18:21 - 2014-10-17 18:22 - 00004621 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_71-b14.log
2014-10-17 18:13 - 2014-09-30 00:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-17 18:13 - 2014-09-30 00:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-16 21:11 - 2014-10-16 21:11 - 04965896 _____ (Piriform Ltd) C:\Users\Marek\Downloads\ccsetup418.exe
2014-10-16 19:02 - 2014-10-16 19:02 - 05045422 _____ () C:\Users\Marek\Downloads\archive.zip
2014-10-15 16:47 - 2014-10-15 16:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 16:45 - 2014-09-28 00:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 16:45 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 16:45 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-15 16:45 - 2014-09-08 05:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 16:45 - 2014-09-08 03:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 16:45 - 2014-09-08 03:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 16:45 - 2014-09-08 02:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 16:45 - 2014-09-08 02:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 16:45 - 2014-09-08 02:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 16:45 - 2014-09-08 02:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 16:45 - 2014-09-08 02:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 16:45 - 2014-09-08 02:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 16:45 - 2014-09-08 02:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 16:45 - 2014-09-08 01:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-15 16:45 - 2014-09-08 01:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-15 16:45 - 2014-09-08 01:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-15 16:45 - 2014-09-08 01:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-15 16:45 - 2014-09-04 02:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 16:45 - 2014-09-04 01:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 16:45 - 2014-09-04 01:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-15 16:44 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 16:44 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-15 16:44 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-15 16:44 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-15 16:44 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-15 16:44 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 16:44 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 16:44 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 16:44 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 16:44 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 16:44 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-15 16:44 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 16:44 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-15 16:44 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 16:44 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-15 16:44 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 16:44 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-15 16:44 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 16:44 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 16:44 - 2014-09-19 02:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 16:44 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 16:44 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-15 16:44 - 2014-09-19 02:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-15 16:44 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 16:44 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-15 16:44 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 16:44 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-15 16:44 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 16:42 - 2014-09-13 08:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 16:42 - 2014-09-13 07:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 16:42 - 2014-09-04 02:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 16:42 - 2014-09-04 02:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-15 16:42 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 16:42 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 16:42 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-15 16:42 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 16:42 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 16:42 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 16:42 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 16:42 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 16:42 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 16:42 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-15 16:42 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-15 16:42 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-15 16:42 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-15 16:42 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 16:42 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 16:42 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 16:42 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 16:42 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 16:42 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-15 16:42 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 16:42 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 16:42 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 16:42 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 16:42 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 16:42 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 16:42 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 16:42 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 16:42 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 16:42 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 16:42 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-15 16:42 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 16:42 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-15 16:42 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-15 16:42 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 16:42 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 16:42 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-15 16:42 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-15 16:42 - 2014-08-01 01:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-15 16:39 - 2014-10-10 00:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-15 16:39 - 2014-10-09 00:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-15 16:39 - 2014-09-19 03:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-15 16:39 - 2014-09-13 08:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 16:39 - 2014-09-13 07:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-14 14:09 - 2012-10-15 08:58 - 00000478 ____N () C:\WINDOWS\hpomdl47.dat.temp
2014-10-14 14:08 - 2014-10-14 14:08 - 00000000 ____D () C:\Users\Marek\Documents\Fax
2014-10-12 20:09 - 2014-10-12 20:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-12 20:09 - 2014-10-12 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-08 19:41 - 2014-10-08 19:41 - 00000000 ____D () C:\Users\Marek\Downloads\Subs
2014-10-05 22:10 - 2014-10-05 22:14 - 285676685 _____ () C:\Users\Marek\Downloads\zasilka-BAP5ZE3K9IJ796BH.zip
2014-10-03 14:47 - 2014-10-03 14:47 - 00000110 ____H () C:\Users\Marek\Desktop\1.JPG.uid-zps
2014-09-30 11:01 - 2014-09-30 11:01 - 00006911 _____ () C:\Users\Marek\Downloads\2141539159.txt
2014-09-30 11:00 - 2014-09-30 11:00 - 00004566 _____ () C:\Users\Marek\Downloads\2141526282.txt
2014-09-30 10:57 - 2014-09-30 10:57 - 00003985 _____ () C:\Users\Marek\Downloads\1143524385.txt
2014-09-30 10:52 - 2014-09-30 10:52 - 00000179 _____ () C:\Users\Marek\Downloads\DOPIS1 (11).TXT
2014-09-30 10:52 - 2014-09-30 10:52 - 00000175 _____ () C:\Users\Marek\Downloads\DOPIS1 (10).TXT
2014-09-30 10:50 - 2014-09-30 10:50 - 00000175 _____ () C:\Users\Marek\Downloads\DOPIS1 (9).TXT

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 13:36 - 2013-09-27 08:10 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\Skype
2014-10-24 13:19 - 2013-12-05 15:51 - 00000000 ___DO () C:\Users\Marek\SkyDrive
2014-10-24 13:18 - 2013-09-02 14:37 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2014-10-24 13:18 - 2013-09-02 14:37 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2014-10-24 13:14 - 2013-09-25 19:06 - 00000074 _____ () C:\Users\Marek\AppData\Roaming\sp_data.sys
2014-10-24 13:12 - 2013-09-26 02:02 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 13:11 - 2013-12-05 15:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-24 13:11 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-24 13:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-24 13:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-24 11:43 - 2013-09-26 02:02 - 00000976 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 09:28 - 2013-09-25 19:53 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-10-24 09:10 - 2013-09-26 02:59 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3328339923-2747926138-1126850117-1002
2014-10-24 08:59 - 2013-09-26 02:02 - 00000000 ____D () C:\Users\Marek\AppData\Local\Google
2014-10-24 08:59 - 2013-09-26 02:02 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-24 07:28 - 2013-12-10 13:21 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A96A36D2-DB0B-4C3A-8A94-C4DD9F80F2D2}
2014-10-23 14:38 - 2013-09-26 02:02 - 00003948 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 14:38 - 2013-09-26 02:02 - 00003712 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-22 18:50 - 2013-09-26 20:51 - 00000000 ____D () C:\Program Files (x86)\Dialog MIS
2014-10-22 10:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-21 19:14 - 2013-09-30 08:19 - 00000000 ____D () C:\ProgramData\Origin
2014-10-21 13:32 - 2013-12-05 15:26 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-21 13:32 - 2013-09-30 05:56 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-10-21 13:32 - 2013-09-30 05:56 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-10-20 15:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-20 13:36 - 2014-01-10 20:56 - 00000000 ___RD () C:\Users\Marek\Desktop\odkazy
2014-10-18 08:44 - 2013-10-04 22:07 - 00000000 ____D () C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite
2014-10-18 08:44 - 2013-09-25 19:19 - 00000000 ____D () C:\Users\Marek\AppData\Local\CrashDumps
2014-10-17 19:19 - 2013-09-02 14:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-17 18:22 - 2013-09-30 17:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 18:12 - 2013-08-22 16:44 - 00511288 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-17 18:09 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-17 18:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-17 18:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-17 18:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-17 18:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-17 18:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-17 18:04 - 2013-09-25 19:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-17 10:50 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-16 21:12 - 2013-09-25 19:35 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-16 12:10 - 2014-02-17 18:28 - 00000000 ____D () C:\Users\Marek\Desktop\galmed
2014-10-15 16:48 - 2013-09-25 19:58 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-15 16:47 - 2014-07-16 11:48 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-15 15:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-10-14 14:09 - 2014-07-21 15:14 - 00249033 _____ () C:\WINDOWS\hpoins47.dat
2014-10-14 14:09 - 2014-07-21 15:14 - 00001179 _____ () C:\ProgramData\hpzinstall.log
2014-10-12 20:09 - 2013-09-27 08:10 - 00000000 ____D () C:\ProgramData\Skype
2014-10-01 21:18 - 2013-09-26 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompuGroup Medical
2014-10-01 07:51 - 2013-09-30 05:58 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-01 07:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-01 07:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-01 07:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-01 07:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-10-01 07:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-10-01 07:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-10-01 07:51 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Marek\AppData\Local\Temp\Quarantine.exe
C:\Users\Marek\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-22 13:44

==================== End Of Log ============================

druhý

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Marek at 2014-10-24 13:40:17
Running from C:\Users\Marek\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}) (Version: 1.0 - )
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aktualizace NVIDIA 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
ASUS FaceKey (HKLM-x32\...\{ACE24C70-743B-43B0-8045-817FF050800B}) (Version: 4.1.0.0 - )
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.4 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.020 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0010 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Video DSP (HKLM-x32\...\{B80DB514-46E5-43AA-B68C-1EBBF5CF7D34}) (Version: 1.0.000 - )
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5230.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
B110 (x32 Version: 140.0.353.000 - Hewlett-Packard) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CompuGroup Medical - (PC DOKTOR / PC DENT) (HKLM-x32\...\{81F07A4F-A47E-4E0F-A75D-D24BD09BB2D8}) (Version: 3.3.50.5516 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - CGM SERVER (HKLM-x32\...\{8FE2C676-72E8-4024-9066-710FE32112E8}) (Version: 1.0.0.297 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - Kniha objednávek (HKLM-x32\...\{CF314AF7-682B-4C77-B164-6FB0080D2726}) (Version: 1.0.0.246 - CompuGroup Medical Česká republika s.r.o.)
CompuGroup Medical - MEDICAL NET (HKLM-x32\...\{0726B7A2-A8F4-4BE1-A086-A93E9A5BA5BC}) (Version: 4.4.2.281 - CompuGroup Medical Česká republika s.r.o.)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
Cyklotrasy 2.33 (HKLM-x32\...\Cyklotrasy 2.33) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DrSuni (HKCU\...\InstallShield_{59853C1A-86CB-41AB-B4CB-DCBD00263859}) (Version: 3.5.0000 - Apteryx)
DrSuni (x32 Version: 3.5.0000 - Apteryx) Hidden
DSPlayer v0.889 lite (HKLM-x32\...\DSPlayer v0.889 lite_is1) (Version: - DSPlayer - Martin Offenwager)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.3.0.0 - Electronic Arts)
ETDWare PS/2-X64 11.5.9.1_WHQL (HKLM\...\Elantech) (Version: 11.5.9.1 - ELAN Microelectronic Corp.)
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{C63184F3-8343-408F-A948-DDB0AC969A99}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.229 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.17 - Qualcomm Atheros Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
Rome - Total War(TM) (HKLM-x32\...\InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}) (Version: 1.0 - Activision)
Rome - Total War(TM) (x32 Version: 1.0 - Activision) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.17222 - TeamViewer GmbH)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - SDR Manufacturer Digital Radiography Device (01/06/2010 3.0.0.02) (HKLM\...\09341179C0DFE2C8F48A778ED0FF90CA0CCE7359) (Version: 01/06/2010 3.0.0.02 - SDR Manufacturer)
Windows Driver Package - SDR Manufacturer Digital Radiography Device (01/06/2010 3.0.0.02) (HKLM\...\425F37DB6F22566F0ABC3968E26CFF42E6B90650) (Version: 01/06/2010 3.0.0.02 - SDR Manufacturer)
Windows Driver Package - SDR Manufacturer SDR303 Download Driver (01/06/2010 3.0.0.02) (HKLM\...\2A9EE45FA8D1CB214D0506317CD9DEAF40AC9F45) (Version: 01/06/2010 3.0.0.02 - SDR Manufacturer)
Windows Driver Package - SDR Manufacturer SDR303 Download Driver (01/06/2010 3.0.0.02) (HKLM\...\2DD4B9E5BF2DAAE186FB20250869101BCEF8FBDE) (Version: 01/06/2010 3.0.0.02 - SDR Manufacturer)
Windows Driver Package - SDR Manufacturer USB2000 Download Driver (01/06/2010 3.0.0.02) (HKLM\...\1716B010DC7307F3A94C5402040DA5CF3A061141) (Version: 01/06/2010 3.0.0.02 - SDR Manufacturer)
Windows Driver Package - SDR Manufacturer USB2000 Download Driver (01/06/2010 3.0.0.02) (HKLM\...\6F2F49222A3ABDC5EF5652EA31632277D41A8482) (Version: 01/06/2010 3.0.0.02 - SDR Manufacturer)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Worms Revolution (HKLM-x32\...\Worms Revolution_is1) (Version: - )
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: 16.0.1.7 - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3328339923-2747926138-1126850117-1002_Classes\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5}\InprocServer32 -> C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll No File
CustomCLSID: HKU\S-1-5-21-3328339923-2747926138-1126850117-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Marek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3328339923-2747926138-1126850117-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Marek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3328339923-2747926138-1126850117-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Marek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3328339923-2747926138-1126850117-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Marek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

01-10-2014 13:19:55 Naplánovaný kontrolní bod
13-10-2014 12:06:12 Naplánovaný kontrolní bod
17-10-2014 08:42:54 Instalační služba modulů systému Windows
17-10-2014 08:43:30 Instalační služba modulů systému Windows
24-10-2014 07:27:38 Installed Adblock Plus for IE (32-bit and 64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05B7CABB-C03E-4630-8CB3-D24A99933D63} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-05-07] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {126FBF50-D117-497F-A9FF-F190B02E4F06} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-06-03] (ASUSTeK Computer Inc.)
Task: {1D7469BF-F1EB-453B-9EEC-1282734D868A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {1E29D936-56AB-46C6-B2B4-08375B6C7C0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-26] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {218DEAF2-701D-4ED9-BA80-FD5EB73DD5F7} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2D3B05BE-47E3-43D5-89E7-3901341B1664} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3EC8DB97-56BC-4444-BA06-74FF9AB88B03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5A0EDDE1-462B-4F4E-9CA9-0848336938EE} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-06-19] (ASUS)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {73C6DC86-542D-4470-BDEC-B21D3AE6113A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-26] (Google Inc.)
Task: {744D53B0-8FB3-4129-BDCA-2959F2A81B50} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {820A4206-B809-4196-B67C-06244FF50113} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8BA3F52A-4C26-4C21-B6C8-15C0D8E604C8} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-05-21] (ASUSTeK Computer Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B9648A59-0403-4C2A-88BC-3FE6D077424A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {C78F9D56-EC29-4C13-9095-F9B1359F310E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-15] (Microsoft Corporation)
Task: {CB77AD4A-04C8-44E1-A7F7-5AED6D373B2B} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D7BEE8A7-C228-4A5A-B914-74C28C26F242} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F25AC010-317F-4E40-AC6F-2F4599261674} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-05-21] (ASUSTeK Computer Inc.)
Task: {F78BC04B-6803-4A06-8449-33AC68D54F90} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-05 15:09 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-04-30 15:43 - 2014-04-30 15:43 - 02705296 _____ () D:\CGMSERVER\nginx.exe
2013-06-19 21:49 - 2013-06-19 21:49 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-06-13 13:44 - 2013-06-13 13:44 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-06-13 13:40 - 2013-06-13 13:40 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-06-13 13:47 - 2013-06-13 13:47 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-09-02 14:32 - 2013-03-14 11:46 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
2012-08-30 13:46 - 2014-04-08 09:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2013-09-02 14:38 - 2011-09-19 11:40 - 00466944 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2014-09-25 20:44 - 2014-09-25 20:44 - 00043008 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2011-12-02 02:31 - 2011-12-02 02:31 - 00987136 _____ () D:\CGMSERVER\bin\pgsql\bin\libxml2.dll
2011-12-02 02:31 - 2011-12-02 02:31 - 00100352 _____ () D:\CGMSERVER\bin\pgsql\bin\zlib1.dll
2013-04-29 15:17 - 2013-04-29 15:17 - 00587264 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2012-08-30 13:39 - 2014-04-08 09:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2013-09-02 14:26 - 2013-05-15 20:08 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-04-27 11:24 - 2013-04-27 11:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2014-08-26 08:58 - 2014-08-26 08:58 - 05578752 _____ () C:\PROGRAM FILES (X86)\DIALOG MIS\DIALOG_BITMAPS.DLL
2014-05-07 09:34 - 2014-05-07 09:34 - 00200704 _____ () C:\Program Files (x86)\Dialog MIS\DialogCom.dll
2014-10-20 15:08 - 2014-10-20 15:08 - 00338432 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MSQLsrvo\7ab4bc0eb95acb852788eecd72866ae6\MSQLsrvo.ni.dll
2010-04-18 14:34 - 2010-04-18 14:34 - 00904704 _____ () C:\Program Files (x86)\Dialog MIS\system.data.sqlite.dll
2014-03-05 08:00 - 2014-03-05 08:00 - 01359872 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbImage.ocx
2005-07-20 11:48 - 2005-07-20 11:48 - 00059904 _____ () C:\Program Files (x86)\Dialog MIS\zlib1.dll
2013-11-08 08:09 - 2013-11-08 08:09 - 00868352 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbRichEdit.ocx
2008-04-17 11:41 - 2008-04-17 11:41 - 00040960 _____ () C:\Program Files (x86)\Dialog MIS\DialogVbPedal.ocx
2014-06-26 16:39 - 2014-06-26 16:39 - 00167936 _____ () C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32core.dll
2006-11-10 10:49 - 2006-11-10 10:49 - 00282624 _____ () C:\Program Files (x86)\Apteryx\Apteryx Imaging\ApteryxINI.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Marek\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKCU\...\StartupApproved\Run: => "KiesPreload"

========================= Accounts: ==========================

Administrator (S-1-5-21-3328339923-2747926138-1126850117-500 - Administrator - Disabled)
Guest (S-1-5-21-3328339923-2747926138-1126850117-501 - Limited - Disabled)
Marek (S-1-5-21-3328339923-2747926138-1126850117-1002 - Administrator - Enabled) => C:\Users\Marek

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 09:27:37 AM) (Source: MsiInstaller) (EventID: 1002) (User: MAREKNB)
Description: Neočekávaná nebo chybějící hodnota (název: PackageCode, hodnota: GUID) v klíči HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219

Error: (10/24/2014 09:01:18 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion DCS server

Error: (10/23/2014 02:43:02 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Neočekávaná nebo chybějící hodnota (název: PackageCode, hodnota: GUID) v klíči HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219

Error: (10/23/2014 02:43:01 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Neočekávaná nebo chybějící hodnota (název: PackageCode, hodnota: GUID) v klíči HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219

Error: (10/21/2014 07:12:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/21/2014 02:42:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [18]

Error: (10/20/2014 09:59:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/20/2014 11:02:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20605 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 3330

Čas spuštění: 01cfec448158f242

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: c3596e5f-5837-11e4-bea5-240a6474b392

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (10/19/2014 01:35:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Origin.exe verze 9.4.23.2817 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 13c8

Čas spuštění: 01cfea9f11d4bc8e

Čas ukončení: 4294967295

Cesta k aplikaci: D:\program files\Origin\Origin.exe

ID hlášení: ff8e0f36-5783-11e4-bea5-240a6474b392

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (10/19/2014 01:31:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (10/24/2014 01:10:29 PM) (Source: DCOM) (EventID: 10010) (User: MAREKNB)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) ME Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BBUpdate byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba cgm.ebooking-1 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba cgm.servercore byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Asus WebStorage Windows Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/24/2014 01:10:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HCS.MEDCONNECT.SERVICEMANAGER byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================
Error: (10/24/2014 09:27:37 AM) (Source: MsiInstaller) (EventID: 1002) (User: MAREKNB)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (10/24/2014 09:01:18 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: NT AUTHORITY)
Description: -2147012889

Error: (10/23/2014 02:43:02 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (10/23/2014 02:43:01 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (10/21/2014 07:12:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/21/2014 02:42:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNetworkStreamService did not shut down when asked, terminating. [18]

Error: (10/20/2014 09:59:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/20/2014 11:02:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605333001cfec448158f2424294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exec3596e5f-5837-11e4-bea5-240a6474b392microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (10/19/2014 01:35:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Origin.exe9.4.23.281713c801cfea9f11d4bc8e4294967295D:\program files\Origin\Origin.exeff8e0f36-5783-11e4-bea5-240a6474b392

Error: (10/19/2014 01:31:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


CodeIntegrity Errors:
===================================
Date: 2014-10-20 17:27:57.403
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:27:57.097
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:27:26.459
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:27:26.143
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:27:25.706
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:27:25.397
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:27:24.945
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:27:24.350
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:19:38.653
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-20 17:19:38.338
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 35%
Total physical RAM: 6061.51 MB
Available physical RAM: 3919.27 MB
Total Pagefile: 7021.51 MB
Available Pagefile: 4588.9 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.11 GB) (Free:217.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:252.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 5B98F280)

Partition: GPT Partition Type.

==================== End Of Log ============================

[altrok]

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho bole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog, jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [DAEMON Tools Lite] => D:\program files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [Zoner Photo Studio Autoupdate] => D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {67ce5ad7-2b96-11e3-be7b-240a6474b392} - "F:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {f6a724d8-90ee-11e3-be8b-240a6474b392} - "F:\AutoRun.exe"
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {f71aae25-4873-11e4-bea1-240a6474b392} - "H:\LaunchU3.exe" -a

SearchScopes: HKCU - DefaultScope {91260B3B-C372-40B5-8CDA-E3E4176959D4} URL = http://search.zonealarm.com/search?src= ... &Lan=en&q={searchTerms}&gu=266beda1066144b1be7fde0ddc8df4ad&tu=10G9z00BS2C01g0&sku=&tstsId=&ver=&&r=78
SearchScopes: HKCU - {91260B3B-C372-40B5-8CDA-E3E4176959D4} URL = http://search.zonealarm.com/search?src= ... &Lan=en&q={searchTerms}&gu=266beda1066144b1be7fde0ddc8df4ad&tu=10G9z00BS2C01g0&sku=&tstsId=&ver=&&r=78
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
C:\Program Files (x86)\Microsoft\BingBar
C:\Program Files\McAfee
DisableService: BBUpdate
DisableService: BBSvc

2014-10-24 13:36 - 2014-10-24 13:36 - 00029696 _____ () C:\Users\Marek\AppData\Local\MSGBOX.EXE
2014-10-16 21:11 - 2014-10-16 21:11 - 04965896 _____ (Piriform Ltd) C:\Users\Marek\Downloads\ccsetup418.exe
2014-10-14 14:09 - 2012-10-15 08:58 - 00000478 ____N () C:\WINDOWS\hpomdl47.dat.temp
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Marek\AppData\Local\Temp\Quarantine.exe
C:\Users\Marek\AppData\Local\Temp\sqlite3.dll
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End

[daymaker]

zde je...

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-10-2014
Ran by Marek at 2014-10-24 15:33:50 Run:1
Running from C:\Users\Marek\Desktop
Loaded Profile: Marek (Available profiles: Marek)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [DAEMON Tools Lite] => D:\program files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [Zoner Photo Studio Autoupdate] => D:\Program Files (x86)\Photo Studio 16\Program32\ZPSTRAY.EXE [833024 2014-06-16] (ZONER software)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {67ce5ad7-2b96-11e3-be7b-240a6474b392} - "F:\setup\rsrc\Autorun.exe"
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {f6a724d8-90ee-11e3-be8b-240a6474b392} - "F:\AutoRun.exe"
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\...\MountPoints2: {f71aae25-4873-11e4-bea1-240a6474b392} - "H:\LaunchU3.exe" -a

SearchScopes: HKCU - DefaultScope {91260B3B-C372-40B5-8CDA-E3E4176959D4} URL = http://search.zonealarm.com/search?src= ... &Lan=en&q={searchTerms}&gu=266beda1066144b1be7fde0ddc8df4ad&tu=10G9z00BS2C01g0&sku=&tstsId=&ver=&&r=78
SearchScopes: HKCU - {91260B3B-C372-40B5-8CDA-E3E4176959D4} URL = http://search.zonealarm.com/search?src= ... &Lan=en&q={searchTerms}&gu=266beda1066144b1be7fde0ddc8df4ad&tu=10G9z00BS2C01g0&sku=&tstsId=&ver=&&r=78
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
C:\Program Files (x86)\Microsoft\BingBar
C:\Program Files\McAfee
DisableService: BBUpdate
DisableService: BBSvc

2014-10-24 13:36 - 2014-10-24 13:36 - 00029696 _____ () C:\Users\Marek\AppData\Local\MSGBOX.EXE
2014-10-16 21:11 - 2014-10-16 21:11 - 04965896 _____ (Piriform Ltd) C:\Users\Marek\Downloads\ccsetup418.exe
2014-10-14 14:09 - 2012-10-15 08:58 - 00000478 ____N () C:\WINDOWS\hpomdl47.dat.temp
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Marek\AppData\Local\Temp\Quarantine.exe
C:\Users\Marek\AppData\Local\Temp\sqlite3.dll
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67ce5ad7-2b96-11e3-be7b-240a6474b392}" => Key deleted successfully.
"HKCR\CLSID\{67ce5ad7-2b96-11e3-be7b-240a6474b392}" => Key not found.
"HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6a724d8-90ee-11e3-be8b-240a6474b392}" => Key deleted successfully.
"HKCR\CLSID\{f6a724d8-90ee-11e3-be8b-240a6474b392}" => Key not found.
"HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f71aae25-4873-11e4-bea1-240a6474b392}" => Key deleted successfully.
"HKCR\CLSID\{f71aae25-4873-11e4-bea1-240a6474b392}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{91260B3B-C372-40B5-8CDA-E3E4176959D4}" => Key deleted successfully.
"HKCR\CLSID\{91260B3B-C372-40B5-8CDA-E3E4176959D4}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.
C:\Program Files (x86)\Microsoft\BingBar => Moved successfully.
"C:\Program Files\McAfee" => File/Directory not found.
BBUpdate service was disabled
BBSvc service was disabled
C:\Users\Marek\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Marek\Downloads\ccsetup418.exe => Moved successfully.
C:\WINDOWS\hpomdl47.dat.temp => Moved successfully.
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.
C:\Users\Marek\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Marek\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 23.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[altrok]

Vyborne, jak se chova PC?

[daymaker]

Myslím, že OK. Subjektivně mám pocit, že se i trochu zrychlilo. Děkuji!!!

[altrok]

To rad slysim! Takze ted posledni vec - uklid.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dalsi dotazy, je to ode mne vse

[daymaker]

ještě jednou díky!!!

[altrok]

Nemate zac, rad jsem pomohl.

Preji hezky zbytek vikendu