Strong signal jak usunąć?

**Posty:** 4 · przez **lilka122** 21 Maj 2015, 20:53

Witam, mam problem. Ostatnio pojawiły mi się reklamy na całym ekranie, zasilane przez Strong Signal, na początku wystarczało, że usuwałam te rozszerzenie, nie zdawałam sobie sprawy, iż złapałam wirusa. Nie mam pojęcia jak to się stało, ale cóż. Próbowałam wszystiego, ale problem wraca

Jak mogę usunąć Strong Signal raz na zawsze bez oddawania do informatyka czy naprawy?
Frst

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by Lila (administrator) on KASIA on 21-05-2015 16:14:56
Running from C:\Users\Lila\Downloads
Loaded Profiles: Lila (Available profiles: Lila)
Platform: Windows 8.1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\cenzura!.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\Updater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe
() C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\2\Plugin.exe
() C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\8\Plugin.exe
() C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\5\Plugin.exe
() C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\6\Plugin.exe
() C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\Plugin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
() C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\Plugin.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Dropbox, Inc.) C:\Users\Lila\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-12] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-28] (Electronic Arts)
HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\...\MountPoints2: {0738469c-83ae-11e4-826a-543530cdcd06} - "F:\LG_PC_Programs.exe"
Startup: C:\Users\Lila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=bl_01ed4d3c-7e5c-450c-9aa3-6a8657a11fa7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=bl_01ed4d3c-7e5c-450c-9aa3-6a8657a11fa7
HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_01ed4d3c-7e5c-450c-9aa3-6a8657a11fa7&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_01ed4d3c-7e5c-450c-9aa3-6a8657a11fa7&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_01ed4d3c-7e5c-450c-9aa3-6a8657a11fa7&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_01ed4d3c-7e5c-450c-9aa3-6a8657a11fa7&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: No Name -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-11]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-17__alt__ddc_dsssyc_bd_com", "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-20__alt__ddc_dsssyc_bd_com"
CHR DefaultSearchKeyword: Default -> search.yahoo.com
CHR DefaultNewTabURL: Default -> http://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bg_616_bl-is-21__alt__ddc_dsssyctab_bd_com
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-20]
CHR Extension: (Google Wallet) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]
CHR Extension: (Strong Signal) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\odckdhimhjidiihnkmocngdngkngjjka [2015-05-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 cenzura!; C:\Windows\system32\cenzura!.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-01] (Electronic Arts)
R2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe [556304 2015-05-20] ()
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-05-13] (Enigma Software Group USA, LLC.)
R2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\Updater.exe [478992 2015-05-20] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-03-31] (ASUS Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-05-13] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-05-13] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-01-03] (Windows (R) Win 7 DDK provider)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204936 2014-02-12] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-21 16:14 - 2015-05-21 16:15 - 00023158 _____ () C:\Users\Lila\Downloads\FRST.txt
2015-05-21 16:14 - 2015-05-21 16:14 - 02107904 _____ (Farbar) C:\Users\Lila\Downloads\FRST64.exe
2015-05-21 16:04 - 2015-05-21 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-05-20 19:06 - 2015-05-20 19:06 - 00000000 ____D () C:\Program Files (x86)\Strong Signal
2015-05-15 14:59 - 2015-05-21 16:15 - 00000000 ____D () C:\FRST
2015-05-15 14:40 - 2015-05-15 14:42 - 00000000 ____D () C:\AdwCleaner
2015-05-14 19:57 - 2015-05-14 19:57 - 00002287 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-14 19:57 - 2015-05-14 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-14 19:55 - 2015-05-21 16:03 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-14 19:55 - 2015-05-20 19:38 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-14 19:55 - 2015-05-20 17:33 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-14 19:55 - 2015-05-20 17:33 - 00003804 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 18:45 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 18:45 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 17:21 - 2015-05-13 17:21 - 00003316 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-05-13 17:21 - 2015-05-13 17:21 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\Enigma Software Group
2015-05-13 17:21 - 2015-05-13 17:21 - 00000000 _____ () C:\autoexec.bat
2015-05-13 17:20 - 2015-05-13 17:21 - 00000000 ____D () C:\sh4ldr
2015-05-13 17:19 - 2015-05-13 17:19 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-05-13 17:19 - 2015-05-13 17:19 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-13 17:11 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 17:11 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 17:11 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 17:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 17:11 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 17:11 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 17:11 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 17:11 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 17:11 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-13 17:11 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 17:11 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-13 17:11 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 17:11 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-13 17:11 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 17:11 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-13 17:11 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-13 17:11 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-13 17:11 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-13 17:11 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 17:11 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 17:11 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 17:11 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 17:11 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-13 17:11 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-13 17:11 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-13 17:11 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-13 17:11 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-13 17:11 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-13 17:11 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-13 17:11 - 2015-03-13 02:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-13 17:11 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 17:11 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 17:11 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-13 17:11 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 17:11 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-13 17:11 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 17:11 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 17:11 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-13 17:11 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 17:11 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-13 17:11 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-13 17:11 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-13 17:10 - 2015-05-21 16:05 - 00003464 _____ () C:\Windows\System32\Tasks\ASUS Live Update2
2015-05-13 17:10 - 2015-05-21 16:04 - 00003474 _____ () C:\Windows\System32\Tasks\ASUS Live Update1
2015-05-13 17:10 - 2015-05-13 17:10 - 00003382 _____ () C:\Windows\System32\Tasks\Update Checker
2015-05-13 17:10 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 17:10 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 17:10 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 17:10 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 17:10 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 17:10 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 17:10 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 17:10 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 17:10 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 17:10 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 17:10 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 17:10 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 17:10 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 17:10 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 17:10 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 17:10 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 17:10 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 17:10 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 17:10 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 17:10 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 17:10 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 17:10 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 17:10 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 17:10 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 17:10 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 17:10 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 17:10 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 17:10 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 17:10 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 17:10 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 17:10 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 17:10 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 17:10 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 17:10 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 17:10 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 17:10 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 17:10 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-22 13:39 - 2015-04-22 13:40 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-04-22 13:39 - 2015-04-22 13:40 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-21 20:35 - 2015-05-21 16:03 - 00000000 ___RD () C:\Users\Lila\Dropbox
2015-04-21 20:32 - 2015-05-15 14:53 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-21 20:30 - 2015-05-21 16:03 - 00000000 ____D () C:\Users\Lila\AppData\Roaming\Dropbox
2015-04-21 20:28 - 2015-04-21 20:28 - 00003270 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1653467997-2443256879-1804901199-1001
2015-04-21 20:13 - 2015-05-20 17:51 - 00000000 ____D () C:\ProgramData\AVAST Software

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-21 16:14 - 2014-06-11 22:34 - 01390928 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 16:09 - 2014-08-24 00:46 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1653467997-2443256879-1804901199-1001
2015-05-21 16:04 - 2014-08-24 01:27 - 00003968 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B60964A6-F88A-45C1-9F3B-C0CDE96B8718}
2015-05-21 16:04 - 2014-08-24 00:42 - 00000074 _____ () C:\Users\Lila\AppData\Roaming\sp_data.sys
2015-05-21 16:03 - 2015-01-14 19:50 - 00005088 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for KASIA-Lila Kasia
2015-05-21 16:03 - 2014-08-24 21:31 - 00000000 __RDO () C:\Users\Lila\SkyDrive
2015-05-21 16:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-20 17:58 - 2015-03-21 17:56 - 00000000 ____D () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
2015-05-20 17:58 - 2013-08-22 16:46 - 00035598 _____ () C:\Windows\setupact.log
2015-05-20 17:52 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-20 17:51 - 2013-12-12 22:47 - 00513028 _____ () C:\Windows\PFRO.log
2015-05-20 17:51 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-20 17:30 - 2015-01-14 19:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-19 20:10 - 2014-08-25 14:42 - 00000000 ____D () C:\ProgramData\Origin
2015-05-19 19:43 - 2014-08-24 00:40 - 00000000 ____D () C:\Users\Lila
2015-05-19 19:39 - 2013-08-22 16:44 - 00482320 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-19 19:32 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-19 19:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-19 19:30 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-18 15:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-17 15:43 - 2014-08-25 20:10 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-17 15:43 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-17 14:41 - 2014-08-25 20:10 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-15 14:44 - 2014-11-10 23:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-15 14:44 - 2014-11-10 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 19:57 - 2014-08-30 12:59 - 00000000 ____D () C:\Users\Lila\AppData\Local\Google
2015-05-14 19:57 - 2014-08-30 12:59 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-14 19:55 - 2014-08-30 12:58 - 00000000 ____D () C:\Users\Lila\AppData\Local\Deployment
2015-05-14 18:38 - 2014-11-10 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 18:32 - 2013-08-22 22:59 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 17:10 - 2013-12-12 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-13 17:10 - 2013-12-12 23:00 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-05-09 16:37 - 2014-10-14 13:11 - 00003088 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1653467997-2443256879-1804901199-1001
2015-05-09 16:37 - 2014-10-14 13:11 - 00000000 ___RD () C:\Users\Lila\OneDrive
2015-05-07 23:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-05-05 19:59 - 2015-03-14 16:36 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-14 16:36 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-21 20:09 - 2014-10-14 13:13 - 00000000 ____D () C:\Program Files (x86)\Windows Live

==================== Files in the root of some directories =======

2014-08-24 00:42 - 2015-05-21 16:04 - 0000074 _____ () C:\Users\Lila\AppData\Roaming\sp_data.sys
2014-06-11 22:38 - 2014-06-11 22:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-12 23:00 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-12 23:00 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-12 23:00 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Some content of TEMP:
====================
C:\Users\Lila\AppData\Local\Temp\COMAP.EXE
C:\Users\Lila\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwvz5fn.dll
C:\Users\Lila\AppData\Local\Temp\MovieStudio.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-04 19:08

==================== End Of Log ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by Lila at 2015-05-21 16:16:08
Running from C:\Users\Lila\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1653467997-2443256879-1804901199-500 - Administrator - Disabled)
Gość (S-1-5-21-1653467997-2443256879-1804901199-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1653467997-2443256879-1804901199-1003 - Limited - Enabled)
Lila (S-1-5-21-1653467997-2443256879-1804901199-1001 - Administrator - Enabled) => C:\Users\Lila

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.7 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5712.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5712.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0033 - ASUS)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
Mediatek Bluetooth (HKLM\...\{F10FA818-DF9D-B070-DD53-94B07238F5DA}) (Version: 11.0.753.0 - Mediatek)
Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\...\OneDriveSetup.exe) (Version: 17.3.5849.0427 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA Graphics Driver 332.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.85 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OpenFM (HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\...\OpenFM) (Version: 2 - GG Network S.A.)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.46.0 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Cztery pory roku (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Pokolenia (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Zwierzaki (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lila\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lila\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

11-03-2015 20:01:06 Windows Update
19-03-2015 21:06:57 Zaplanowany punkt kontrolny
23-03-2015 21:22:21 WinThruster Pn, mar 23, 15 20:22
27-03-2015 18:05:22 Windows Update
01-04-2015 22:20:16 Windows Update
16-04-2015 04:34:45 Windows Update
21-04-2015 20:14:30 avast! antivirus system restore point
14-05-2015 17:44:22 Windows Update
20-05-2015 17:39:31 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03F56CBA-595C-44C0-8F0B-A2650D398EFC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {049CAE21-3970-4224-A4AC-04CEA2039C8E} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {07E71CAC-0AF6-482B-AE00-7E060E5B1CF2} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {09C079DB-CDF4-450A-8989-A40759C44581} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {09DDDB66-F430-4F5F-811C-110DB9A38753} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {185B9542-41B0-4096-BF81-8FF915639B5F} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {1F3F8C90-188C-4308-82ED-AFBFC38127E0} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {354A9B3E-2C68-464C-83E9-9CB20FE89216} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-01-03] ()
Task: {3FD20B72-E063-4D56-862D-41E57320E400} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-14] (Google Inc.)
Task: {47E7CCE6-E0A3-4B2F-9636-D69B4DF0D698} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KASIA-Lila Kasia => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-10] (Microsoft Corporation)
Task: {51BF4A87-39D3-4EF7-AA86-F7D05F1A2E6B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-19] (Microsoft Corporation)
Task: {536671E8-C2B4-4AF6-A59A-4AAC3EB90F61} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {570E6CCF-C7AF-480F-990B-DA7051A28B17} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {579C3856-1BDC-4AA8-874F-1D8F49E0927F} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {66625264-5171-41CD-AD3B-EE9F1EF30149} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {735BD059-0ABA-44BC-AEA4-5368B8ED4D5B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {77B89412-56C0-4DF4-8499-26B9C93948A2} - System32\Tasks\avastBCLRestartS-1-5-21-1653467997-2443256879-1804901199-1001 => Chrome.exe
Task: {7DC8AE52-D853-4684-A061-3CADEAA9BF29} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-17] (Microsoft Corporation)
Task: {83ED7FE6-6D8D-4797-92C9-813D8A4048DB} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {88DDA272-BE47-4F88-9DB7-4A7E08E875C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-14] (Google Inc.)
Task: {9F2EF6C3-2341-4CFF-8DB6-454F52305838} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {A0FCA01A-9BDE-4C22-BED2-A57D401AD2A0} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1653467997-2443256879-1804901199-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {ADBD0F32-8B29-40AA-A668-0DA925DB1520} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B72CE565-2853-4F61-A11D-7CFFC1EEDB7E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {B7F07FE3-6204-415F-9B13-8B3DBBAD51F9} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {BC6DADC2-6876-446F-9795-9DEA4657FBEC} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-01-03] (ASUS)
Task: {E8DD653A-CE63-42C5-9F29-BCFE709781DA} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-06 13:45 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-04-23 14:48 - 2015-05-20 17:53 - 00478992 _____ () C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\Updater.exe
2015-03-21 16:35 - 2015-05-20 17:58 - 00556304 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe
2015-05-20 17:53 - 2015-05-20 17:53 - 01274640 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\2\plugin.exe
2015-05-20 17:53 - 2015-05-20 17:53 - 00641296 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\8\plugin.exe
2015-05-20 17:53 - 2015-05-20 17:53 - 00664336 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\5\plugin.exe
2015-05-20 17:53 - 2015-05-20 17:53 - 00486160 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\6\plugin.exe
2015-05-20 17:53 - 2015-05-20 17:53 - 00480528 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\plugin.exe
2014-06-11 22:35 - 2014-03-13 21:26 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-03 18:26 - 2014-01-03 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-01-03 18:26 - 2014-01-03 18:26 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2014-04-30 04:31 - 2014-03-18 05:10 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-06-11 22:30 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-09-09 19:23 - 2013-09-09 19:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-10-08 21:41 - 2013-10-08 21:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-05-21 16:02 - 2015-05-21 16:02 - 00043008 _____ () c:\users\lila\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwvz5fn.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Lila\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Lila\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Lila\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Lila\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-14 19:57 - 2015-05-05 06:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-14 19:57 - 2015-05-05 06:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Lila\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1653467997-2443256879-1804901199-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lila\Pictures\Kotek.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{42AC7EDE-D5B0-4645-828B-0A8F84E6F5EE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{62DE0643-0DFD-4394-9741-A659CAB50210}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{827EE14A-C44D-4F1D-9C68-BF09BCBE9DFB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{3E874F7B-53E4-4C1A-AE6F-263439C97D25}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B11AEC6C-03D0-42F1-ABAA-23BB5296EAC9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{EED1AF92-E0C8-4315-AD9D-F4773B127CD7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{7F9A7BEB-4BA9-4753-8E61-5313B718B5FF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{C2BE5067-C5C2-46D5-BC82-CDBB26CCB0B3}] => (Allow) C:\Users\Lila\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C807F4DD-633C-4E27-95E5-DB38ED00501E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{066FA91E-6881-4026-A4AE-2F6FE32C8D75}] => (Allow) LPort=2869
FirewallRules: [{01360814-DED5-4711-B3A1-D742BB652462}] => (Allow) LPort=1900
FirewallRules: [{63A07E7E-9068-4FE1-A727-F08669A25747}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{22496229-A97E-4292-852C-CD7FE7CBFA61}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{FCA65A5F-69F2-4F6E-9681-6A3D6ED0BD5E}] => (Allow) C:\Users\Lila\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EAC45BBF-727C-4C5B-BAF5-5EC48307D9E8}] => (Allow) C:\Users\Lila\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E12575B0-D153-4DBF-9940-4EDAF5E9739C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/21/2015 04:11:30 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/20/2015 10:43:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KASIA)
Description: Aktywacja aplikacji 8E153979.Demotywatory_t670f21447s0j!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (05/20/2015 10:43:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KASIA)
Description: Aktywacja aplikacji 8E153979.Wiedzabezuyteczna_t670f21447s0j!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (05/20/2015 10:43:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KASIA)
Description: Aktywacja aplikacji Redefine.ipla_wezn46m95z9ge!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (05/20/2015 05:40:27 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/20/2015 05:38:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageCode”, wartość: „GUID”) w kluczu „HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219”

Error: (05/20/2015 05:38:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageCode”, wartość: „GUID”) w kluczu „HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219”

Error: (05/20/2015 05:34:32 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageCode”, wartość: „GUID”) w kluczu „HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219”

Error: (05/20/2015 05:34:27 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageCode”, wartość: „GUID”) w kluczu „HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219”

Error: (05/20/2015 05:34:20 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageCode”, wartość: „GUID”) w kluczu „HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219”

System errors:
=============
Error: (05/20/2015 10:43:44 PM) (Source: DCOM) (EventID: 10010) (User: KASIA)
Description: App.AppXq6mz0qes5hh29p1wfffysf8b8qjnpwz7.wwa

Error: (05/20/2015 10:43:44 PM) (Source: DCOM) (EventID: 10010) (User: KASIA)
Description: App.AppXntrazknj7sa392rh9418atyf3epaef3j.wwa

Error: (05/20/2015 10:43:44 PM) (Source: DCOM) (EventID: 10010) (User: KASIA)
Description: App.AppXwn9r5wa4k1tdphe90dfxwxd9ggyyxarc.mca

Error: (05/20/2015 07:43:46 PM) (Source: DCOM) (EventID: 10010) (User: KASIA)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (05/20/2015 07:43:46 PM) (Source: DCOM) (EventID: 10010) (User: KASIA)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (05/20/2015 05:34:01 PM) (Source: DCOM) (EventID: 10010) (User: KASIA)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (05/20/2015 05:32:07 PM) (Source: DCOM) (EventID: 10001) (User: KASIA)
Description: "C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXq7mjhvarqddvxb3446mh713mzs6xdqyq.mca31App.AppXwn9r5wa4k1tdphe90dfxwxd9ggyyxarc.mcaNiedostępnyNiedostępny

Error: (05/20/2015 05:01:54 PM) (Source: DCOM) (EventID: 10001) (User: KASIA)
Description: "C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX4325622ft6437f3xfywcfxgbedfvpn0x.mca31App.AppXvwgnrrhcka99admvy9fqan3zpdmgg69a.mcaNiedostępnyNiedostępny

Error: (05/19/2015 07:45:16 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (05/19/2015 07:34:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Centrum zabezpieczeń z powodu następującego błędu:
%%1069

Microsoft Office Sessions:
=========================
Error: (05/21/2015 04:11:30 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/20/2015 10:43:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KASIA)
Description: 8E153979.Demotywatory_t670f21447s0j!App-2144927141

Error: (05/20/2015 10:43:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KASIA)
Description: 8E153979.Wiedzabezuyteczna_t670f21447s0j!App-2144927141

Error: (05/20/2015 10:43:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KASIA)
Description: Redefine.ipla_wezn46m95z9ge!App-2144927141

Error: (05/20/2015 05:40:27 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/20/2015 05:38:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (05/20/2015 05:38:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (05/20/2015 05:34:32 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (05/20/2015 05:34:27 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (05/20/2015 05:34:20 PM) (Source: MsiInstaller) (EventID: 1002) (User: ZARZĄDZANIE NT)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

CodeIntegrity Errors:
===================================
Date: 2015-04-09 17:31:18.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-09 17:31:18.613
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-09 17:31:18.429
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-09 17:29:40.714
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-09 17:29:40.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-31 22:22:40.796
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-31 16:07:14.042
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-31 16:07:13.714
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-31 16:07:13.189
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-03-31 16:07:12.906
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 41%
Total physical RAM: 6027.4 MB
Available physical RAM: 3507.27 MB
Total Pagefile: 6987.4 MB
Available Pagefile: 4308.23 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:170.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:366.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 42317B45)

Partition: GPT Partition Type.

==================== End Of Log ============================

**Posty:** 4765 · przez **ordynat** 21 Maj 2015, 21:22

1) SpyHunter jest na czarnej liście - nie wolno go instalować.
Odinstaluj go, ale w ten sposób:
kliknij na tę ikonkę C:\Users\nazwa Użytkownika\Start Menu\Programs\SpyHunter\Uninstall.lnk (czyli >>START >>Programy>>Spy Hunter>>Unnistal)
wyskoczy okienko, ale zamiast klikać wielki zielony guzik "continue" kliknij "no, thanks". To drugie odinstalowuje.

2) Otwórz Notatnik i wklej w nim:

C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\Updater.exe
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\2\plugin.exe
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\8\plugin.exe
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\5\plugin.exe
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\6\plugin.exe
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\plugin.exe
C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
C:\Program Files (x86)\Strong Signal
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-05-13] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-05-13] ()
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Windows\System32\Tasks\SpyHunter4Startup
C:\Users\Lila\AppData\Roaming\Enigma Software Group
C:\sh4ldr
C:\Windows\system32\Drivers\EsgScanner.sys
C:\Program Files\Enigma Software Group
R2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe [556304 2015-05-20] ()
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-05-13] (Enigma Software Group USA, LLC.)
R2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\Updater.exe [478992 2015-05-20] ()
CHR Extension: (Strong Signal) - C:\Users\Lila\AppData\Local\Google\Chrome\User Data\Default\Extensions\odckdhimhjidiihnkmocngdngkngjjka [2015-05-20]
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-17__alt__ddc_dsssyc_bd_com", "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-20__alt__ddc_dsssyc_bd_com"
CHR DefaultSearchKeyword: Default -> search.yahoo.com
CHR DefaultNewTabURL: Default -> http://search.yahoo.com/?fr=hp-ddc-bd-t ... tab_bd_com
BHO-x32: No Name -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> No File
SearchScopes: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_01 ... 7a11fa7&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1653467997-2443256879-1804901199-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_01 ... 7a11fa7&q={searchTerms}
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_01 ... 7a11fa7&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_01 ... 7a11fa7&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=bl_01 ... 8657a11fa7
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix.

----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.
.

**Posty:** 4 · przez **lilka122** 24 Maj 2015, 13:23

Przepraszam że tak późno odpowiadam, ale nie było mnie w domu.
Zapisałam jako fixlist.txt, jednakże gdy uruchamiam FRST i klikam na FIX, pojawia się komunikat po angielsku, że nie może znaleźć takiego pliku, i że powienien być on tam gdzie narzędzie.
Spyhunter nie daję rady odinstalować, w programach gdy klikam na niego pojawia się komunikat, iż ,,Installer failed with error code :14,,

**Posty:** 4765 · przez **ordynat** 24 Maj 2015, 13:44

C:\Users\Lila\Downloads

w tym folderze masz FRST.exe, więc i "fixlist.txt" musi być umieszczony w tym samym folderze.

Spy Hunter - dalem jego poszczególne elementy do "fixlist", więc jesli nawet nie da się go odinstalować, to i tak fizycznie go juz nie bedzie.
.

**Posty:** 4 · przez **lilka122** 24 Maj 2015, 13:50

Na szczęście ze Spyhunter dałam sobie radę, musiałam jeszcze raz zainstalować i dopiero wtedy odinstalować. Już go nie ma.

A w Mój Komputer, OS (C:) mam folder ,, FRST ,, a w nim foldery : Hives , Logs , Quarantine . I dokument fixlist.txt
Jednak jak otwieram program FRST i klikam na Fix , wyskakuje okienko, iż nie może znaleźć fixlist.txt ..

**Posty:** 4765 · przez **ordynat** 24 Maj 2015, 13:52

napisałem w swoim poprzednim logu, gdzie masz umieścić "fixlist"

**Posty:** 4 · przez **lilka122** 24 Maj 2015, 14:00

Dziękuję bardzo. Żle zrozumiałam jaki folder - no coż, jestem tylko dziewczyną..

Zrobiłam Fix, wszystko poszło dobrze, i mam nadzieję że tak zostanie. Od dziś będę uważała co instaluje, i wgl..

Jeszcze raz bardzo dziękuję za pomoc!

Kto jest na forum