Freezing laptop + redirects to XXX sites and ads

#1 Post by lukas424 »

Hello,

lately my laptop has slowed down drastically and started freezing. ESET detected a virus and moved it to quarantine, and I removed the registry problem via regedit, but it remains slow, and in Mozilla I am always redirected to various ads or XXX sites... I tried reinstalling it, but that didn't help. I already have lots of tools for malware etc., but I haven't managed to clean the PC. So may I also ask for advice on which antivirus + maintenance program is suitable and won't burden the PC's performance? The laptop would deserve a reinstall by now, but I don't dare do it myself :o ...

Thank you,

Logfile of random's system information tool 1.10 (written by random/random)
Run by Luke at 2014-11-25 11:23:50
Microsoft Windows 8.1 Pro
System drive C: has 290 GB (63%) free of 459 GB
Total RAM: 3689 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:24:06, on 25.11.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Luke.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vaioportal.sony.eu
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11200 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"ConnectifyD.exe"
dashost.exe {e8a22abf-3545-4fdd-9dd5b3e158b3978a}
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
C:\WINDOWS\system32\mqsvc.exe
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
atieclxx
taskhostex.exe
taskeng.exe {429FF3E1-1813-4D64-ADA2-621750A3FB2A}
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
taskeng.exe {E6D2802F-D2EE-4F39-8EE2-485AA944317B}
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
/Device:000031a1
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe" /RunCurUs
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "&_" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\%C3 &_ Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -create_disc -vssurunning
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Sony\VAIO Improvement\vim.exe" -System
"C:\Program Files\Sony\VAIO Improvement\vim.exe" -User
taskhost.exe $(Arg0)
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\WINDOWS\System32\vds.exe
"C:\Program Files\Sony\VAIO Update Common\VUAgent.exe"
"C:\Program Files\Sony\VAIO Care\VCAdmin.exe"
"C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5448.0.271249410\1611627545" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x9808 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.251.9001.1001 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group18 pct:1i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5448.3.1461601077\1421433738" /prefetch:673131151
"C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group18 pct:1i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5448.4.179058370\1020718759" /prefetch:673131151
"C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group18 pct:1i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5448.5.1796143260\603110484" /prefetch:673131151
"C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group18 pct:1i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Control/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5448.13.635024334\1149382459" /prefetch:673131151

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Users\Luke\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\ASC7_SkipUac_Luke.job - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001Core.job - C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001UA1ce820d41a5f20d.job - C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

=========Mozilla firefox=========

ProfilePath - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.223 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\extensions\
VJKPXI46039420@JMZUIOB85844870.com
{746505DC-0E21-4667-97F8-72EA6BCF5EEF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-05-04 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-08 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-29 52352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18 40312]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-25 11:23:52 ----D---- C:\Program Files\trend micro
2014-11-25 11:23:50 ----D---- C:\rsit
2014-11-24 18:54:48 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2014-11-24 18:54:48 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-11-24 18:54:48 ----A---- C:\WINDOWS\system32\pku2u.dll
2014-11-24 18:54:48 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-11-24 18:36:32 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-11-16 18:24:52 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2014-11-16 18:23:54 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-11-16 18:23:53 ----A---- C:\WINDOWS\system32\schannel.dll
2014-11-16 18:23:52 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2014-11-16 18:23:52 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2014-11-16 18:23:52 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-11-16 18:22:00 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-11-16 18:22:00 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-11-16 18:21:57 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-11-16 18:21:56 ----A---- C:\WINDOWS\system32\certcli.dll
2014-11-16 18:21:53 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-11-16 18:21:49 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-11-16 18:21:38 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-11-16 18:21:35 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-11-16 18:21:31 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2014-11-16 18:21:26 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2014-11-16 18:20:57 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2014-11-16 18:20:56 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-11-16 18:20:56 ----A---- C:\WINDOWS\system32\msaudite.dll
2014-11-16 18:16:48 ----A---- C:\WINDOWS\system32\oleaut32.dll
2014-11-16 18:16:47 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2014-11-16 18:16:45 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-11-16 18:16:44 ----A---- C:\WINDOWS\system32\msi.dll
2014-11-16 18:16:44 ----A---- C:\WINDOWS\system32\authui.dll
2014-11-16 18:16:42 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-11-16 18:16:41 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-11-16 18:16:41 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-11-16 18:16:40 ----A---- C:\WINDOWS\system32\consent.exe
2014-11-16 18:16:40 ----A---- C:\WINDOWS\system32\appinfo.dll
2014-11-16 18:16:22 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-11-16 18:16:19 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-11-16 18:16:19 ----A---- C:\WINDOWS\system32\wucltux.dll
2014-11-16 18:16:19 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2014-11-16 18:16:18 ----A---- C:\WINDOWS\system32\wuwebv.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\system32\wups2.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\system32\wups.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-11-16 18:16:18 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-11-16 18:16:18 ----A---- C:\WINDOWS\system32\wuapp.exe
2014-11-16 18:16:17 ----A---- C:\WINDOWS\system32\wuaext.dll
2014-11-16 18:14:53 ----A---- C:\WINDOWS\system32\user32.dll
2014-11-16 18:14:51 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2014-11-16 18:14:51 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-11-16 18:14:50 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2014-11-16 18:14:49 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-11-16 18:14:47 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2014-11-16 18:14:47 ----A---- C:\WINDOWS\system32\winshfhc.dll
2014-11-16 18:14:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-11-16 18:14:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-11-16 18:09:56 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-11-16 18:09:16 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-11-16 18:08:33 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-11-16 18:08:22 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-11-16 18:08:16 ----A---- C:\WINDOWS\system32\wininet.dll
2014-11-16 18:08:09 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-11-16 18:07:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-11-16 18:07:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-11-16 18:07:37 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-11-16 18:07:30 ----A---- C:\WINDOWS\system32\inetcomm.dll
2014-11-16 18:07:29 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-11-16 18:07:28 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2014-11-16 18:07:27 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-11-16 18:07:25 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-11-16 18:07:25 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-11-16 18:07:25 ----A---- C:\WINDOWS\system32\jscript.dll
2014-11-16 18:07:25 ----A---- C:\WINDOWS\system32\ieui.dll
2014-11-16 18:07:23 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-11-16 18:07:23 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-11-16 18:07:22 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-11-16 18:07:22 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2014-11-16 18:07:22 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-11-16 18:07:21 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-11-16 18:07:19 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-11-16 18:07:16 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-11-16 18:07:14 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-11-16 18:07:14 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-11-16 18:07:13 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-11-16 18:07:11 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-11-16 18:07:10 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-16 18:07:09 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2014-11-16 18:07:09 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-11-16 18:07:09 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2014-11-16 18:07:09 ----A---- C:\WINDOWS\system32\webcheck.dll
2014-11-16 18:07:09 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-11-16 18:07:08 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\system32\msrating.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-11-16 18:07:08 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-11-16 18:07:08 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-11-16 18:07:08 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-11-16 18:07:08 ----A---- C:\WINDOWS\system32\hlink.dll
2014-11-16 18:07:07 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-16 18:07:07 ----A---- C:\WINDOWS\system32\inseng.dll
2014-11-16 18:07:06 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-11-16 18:07:05 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2014-11-16 18:07:05 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-11-16 18:07:05 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2014-11-16 18:07:05 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-11-16 18:07:05 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2014-11-16 18:07:05 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-11-16 18:07:05 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-11-16 18:07:04 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-16 18:07:04 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2014-11-16 18:07:04 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-11-16 18:07:03 ----A---- C:\WINDOWS\system32\occache.dll
2014-11-16 18:07:01 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-11-16 18:07:01 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2014-11-16 18:07:01 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-11-16 18:07:01 ----A---- C:\WINDOWS\system32\imgutil.dll
2014-11-16 18:06:59 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2014-11-16 18:06:59 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2014-11-16 18:06:59 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2014-11-16 18:06:59 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-11-16 18:06:59 ----A---- C:\WINDOWS\system32\pngfilt.dll
2014-11-16 18:06:59 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-11-16 18:06:59 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-11-16 18:06:58 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2014-11-16 18:06:58 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-11-16 18:06:57 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2014-11-16 18:06:57 ----A---- C:\WINDOWS\system32\wextract.exe
2014-11-16 18:06:57 ----A---- C:\WINDOWS\system32\url.dll
2014-11-16 18:06:57 ----A---- C:\WINDOWS\system32\iexpress.exe
2014-11-16 18:06:57 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-11-16 18:06:57 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2014-11-16 18:06:56 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2014-11-16 18:06:56 ----A---- C:\WINDOWS\system32\mshta.exe
2014-11-16 18:06:56 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2014-11-16 18:06:19 ----A---- C:\WINDOWS\system32\generaltel.dll
2014-11-16 18:06:19 ----A---- C:\WINDOWS\system32\devinv.dll
2014-11-16 18:06:19 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-11-16 18:06:19 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-11-16 18:06:18 ----A---- C:\WINDOWS\system32\aepic.dll
2014-11-16 18:06:17 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-11-16 18:06:17 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-11-16 18:06:16 ----A---- C:\WINDOWS\system32\win32k.sys
2014-11-16 18:06:14 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2014-11-16 18:06:14 ----A---- C:\WINDOWS\system32\packager.dll
2014-11-16 18:06:13 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-11-16 18:06:13 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-11-16 18:06:13 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-11-16 18:06:13 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-11-16 18:06:13 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-11-16 18:06:13 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-16 18:06:13 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-11-16 18:06:12 ----A---- C:\WINDOWS\system32\EncDump.dll
2014-11-16 18:06:12 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-11-16 18:06:12 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-10 19:16:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 19:16:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-09 13:02:35 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZ.ZZ.Z.ZZ.Z
2014-11-07 20:31:01 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-11-03 18:12:12 ----AH---- C:\WINDOWS\system32\drivers\Hamdrv.sys
2014-10-29 21:54:53 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2014-11-25 11:23:52 ----D---- C:\Program Files
2014-11-25 11:23:19 ----D---- C:\WINDOWS\Temp
2014-11-25 11:00:01 ----D---- C:\WINDOWS\system32\sru
2014-11-25 10:50:34 ----D---- C:\WINDOWS\Prefetch
2014-11-25 10:45:59 ----D---- C:\WINDOWS\Inf
2014-11-25 10:45:57 ----D---- C:\WINDOWS\system32\DriverStore
2014-11-25 10:45:46 ----RD---- C:\WINDOWS\System32
2014-11-25 10:45:46 ----D---- C:\WINDOWS\SysWOW64
2014-11-25 10:45:43 ----D---- C:\WINDOWS\system32\drivers
2014-11-25 10:45:35 ----D---- C:\Windows
2014-11-25 10:33:15 ----D---- C:\WINDOWS\system32\config
2014-11-25 10:19:56 ----D---- C:\WINDOWS\WinSxS
2014-11-24 21:20:41 ----D---- C:\WINDOWS\Microsoft.NET
2014-11-24 19:53:27 ----D---- C:\WINDOWS\AppReadiness
2014-11-24 19:53:26 ----HD---- C:\Program Files\WindowsApps
2014-11-24 19:52:50 ----D---- C:\WINDOWS\CbsTemp
2014-11-24 19:46:21 ----SHD---- C:\System Volume Information
2014-11-24 18:37:56 ----D---- C:\ProgramData\ProductData
2014-11-20 22:37:57 ----SD---- C:\WINDOWS\system32\CompatTel
2014-11-20 22:37:53 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-20 22:37:52 ----D---- C:\Program Files\Windows Defender
2014-11-20 22:37:48 ----D---- C:\WINDOWS\system32\wbem
2014-11-20 22:37:45 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-11-20 22:37:45 ----D---- C:\WINDOWS\system32\cs-CZ
2014-11-20 22:37:42 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-20 22:37:41 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-11-20 22:37:38 ----D---- C:\WINDOWS\system32\migration
2014-11-20 22:37:36 ----D---- C:\Program Files\Internet Explorer
2014-11-20 22:35:23 ----SHD---- C:\WINDOWS\Installer
2014-11-20 22:35:23 ----SHD---- C:\Config.Msi
2014-11-20 22:35:08 ----D---- C:\ProgramData\Microsoft Help
2014-11-20 22:28:01 ----D---- C:\WINDOWS\system32\catroot
2014-11-20 18:29:14 ----D---- C:\Program Files (x86)\WarThunder
2014-11-19 20:19:35 ----SD---- C:\ProgramData\Microsoft
2014-11-19 20:18:52 ----D---- C:\Program Files (x86)\Microsoft
2014-11-16 19:58:38 ----RSD---- C:\WINDOWS\assembly
2014-11-16 19:33:08 ----SD---- C:\Users\Luke\AppData\Roaming\Microsoft
2014-11-16 19:18:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-16 18:39:08 ----RSD---- C:\WINDOWS\Fonts
2014-11-16 18:35:00 ----D---- C:\WINDOWS\system32\MRT
2014-11-16 18:31:48 ----D---- C:\WINDOWS\Tasks
2014-11-16 18:31:48 ----D---- C:\WINDOWS\system32\Tasks
2014-11-16 18:26:32 ----A---- C:\WINDOWS\system32\MRT.exe
2014-11-16 18:18:34 ----RD---- C:\Program Files (x86)
2014-11-15 23:40:28 ----D---- C:\ProgramData\WarThunder
2014-11-10 19:01:38 ----D---- C:\Program Files\Common Files\System
2014-11-09 18:40:09 ----D---- C:\WINDOWS\system32\catroot2
2014-11-09 13:00:55 ----D---- C:\WINDOWS\debug
2014-11-09 10:57:23 ----D---- C:\WINDOWS\Minidump
2014-11-07 22:29:47 ----D---- C:\WINDOWS\rescache
2014-11-05 21:55:51 ----D---- C:\ProgramData\ShopperPro
2014-11-02 21:06:37 ----D---- C:\Program Files (x86)\BlazeVideo
2014-11-02 20:53:02 ----D---- C:\ProgramData\BlazeVideo
2014-10-30 19:56:30 ----D---- C:\Users\Luke\AppData\Roaming\Skype
2014-10-27 21:44:21 ----D---- C:\Users\Luke\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cnnctfy2;cnnctfy2; C:\WINDOWS\system32\DRIVERS\cnnctfy2.sys [2014-04-14 31344]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
R2 APXACC;@oem19.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2012-06-23 199008]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2012-10-08 138744]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\WINDOWS\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 AtiHDAudioService;@oem61.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2013-06-19 91648]
R3 dtsoftbus01;@oem43.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-02-03 283200]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-11-03 46136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-04-12 4756200]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2013-11-01 173568]
R3 RSPCIESTOR;@oem24.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2012-03-02 340072]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SFEP;@oem37.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\WINDOWS\System32\drivers\SFEP.sys [2012-01-16 14336]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-04-12 56448]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
S2 BstHdDrv;BlueStacks Hypervisor; C:\WINDOWS\system32\drivers\BstHdDrv.sys []
S2 sbmntr;SBMNTR; C:\WINDOWS\system32\drivers\sbmntr.sys []
S3 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2012-03-28 82048]
S3 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2012-03-28 42624]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\WINDOWS\System32\Drivers\AthDfu.sys [2012-03-29 52352]
S3 AtiDCM;AtiDCM; \??\C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [2014-03-13 28416]
S3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
S3 ggflt;@oem53.inf,%SvcFltDesc%;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-07-16 16088]
S3 ggsomc;@oem53.inf,%SvcDesc%;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2014-07-16 30424]
S3 IT9135BDA;@oem21.inf,%IT9135Devcie.FriendlyName%;IT9135 BDA Devices; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [2010-02-03 113280]
S3 lehidmini;Bluetooth Low Energy Hid Device; C:\WINDOWS\system32\drivers\leath_hid.sys [2012-03-29 36608]
S3 SmbDrv;SmbDrv; C:\WINDOWS\system32\drivers\Smb_driver.sys [2012-04-12 21264]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2011-09-29 69632]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-11-26 1329304]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 2530128]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-03-02 2429544]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 417552]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2013-11-01 25600]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-10 139856]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-10 139856]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-21 473960]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-04-12 65464]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-01-10 535688]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2012-01-20 54432]
S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12 267440]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 DCDhcpService;DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-03-21 112256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-28 114288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2007-11-07 4466688]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: freezing laptop + redirects to XXX sites and ads

#2 Post by vyosek »

Hello, and I wish you a pleasant morning.
Your log is being studied and worked on.
Please be patient!
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.

Re: freezing laptop + redirects to XXX sites and ads

#3 Post by vyosek »

→ I assume you have a properly purchased license for ESET??

→ Uninstall Advanced SystemCare and then everything else from IObit as well. They are Chinese junk and do more harm than good. They look for nonsensical and nonexistent problems, and they stole their malware database from another reputable company.

→ The trial-and-error approach of piling as many antivirus programs and assorted cleaners onto the PC as possible is not a good one; they then conflict with each other and crash the PC.

→ Download SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe
  • Save it, preferably to the Desktop
  • Run it with a double-click as usual and follow the utility's instructions
  • When the scan finishes, a log is created and opened; paste it here for me
→ Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the Desktop
  • Close all programs
  • After launch, the database will be downloaded
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

lukas424
Visitor
Posts: 29
Registered: 02 Sep 2011 15:16
Location: Úhonice

Re: freezing laptop + redirects to XXX sites and ads

#4 Post by lukas424 »

The junk has been uninstalled. I know it isn't the right approach; it was a bit of desperation at five past twelve :)

I don't have a paid ESET; it is activated with a code that I get from a colleague at work from time to time.

Here are the logs:

Results of screen317's Security Check version 0.99.90
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ESET NOD32 Antivirus 6.0
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Java version out of Date!
Adobe Flash Player 15.0.0.223
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (33.0.2)
Google Chrome (38.0.2125.111)
Google Chrome (39.0.2171.65)
Google Chrome (chrome.exe..)
Google Chrome (debug.log..)
Google Chrome (Dictionaries...)
Google Chrome (First Run...)
Google Chrome (master_preferences...)
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

------------------------------------------------------------

# AdwCleaner v4.102 - Report created 25/11/2014 at 12:20:01
# Updated 23/11/2014 by Xplode
# Database : 2014-11-23.7 [Local]
# Operating System : Windows 8.1 Pro (64 bits)
# Username : Luke - LUKE-VAIO
# Running from : C:\Users\Luke\Downloads\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : sbmntr

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\iolo
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\iSafe
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Program Files (x86)\apps hat
Folder Deleted : C:\Users\Luke\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Luke\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Luke\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Luke\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Luke\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Luke\AppData\Roaming\iolo
Folder Deleted : C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Folder Deleted : C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\Extensions\VJKPXI46039420@JMZUIOB85844870.com
File Deleted : C:\WINDOWS\System32\log\iSafeKrnlCall.log

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : SMupdate1

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D\Sweet Home 3D.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A31295B6-3C46-4E18-94CB-D8B8CEB8535A}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SavePass 1.1
Key Deleted : HKCU\Software\AppDataLow\Software\Search Protection
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\Vittalia
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.0.2 (x86 cs)

[1o789fln.default\prefs.js] - Line Deleted : user_pref("extensions.aVJKPXI46039420JMZUIOB85844870com63429.63429.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22ant[...]
[1o789fln.default\prefs.js] - Line Deleted : user_pref("extensions.aVJKPXI46039420JMZUIOB85844870com63429.63429.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22BR%22%3A%7B%22ALL%22%3A%5B%22tam.com.br%22%2C%22gol.com.br%22%2C%22walmart.com[...]
[1o789fln.default\prefs.js] - Line Deleted : user_pref("extensions.aVJKPXI46039420JMZUIOB85844870com63429.63429.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22[...]
[1o789fln.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "1498bbe6df0d2d5ef7256874d3929017");

-\\ Google Chrome v

[C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=65496797-544D-4756-921B-E1172E17A994&apn_ptnrs=U3&apn_sauid=8AC02D5D-F8C7-41AC-B54D-478FE21F3841&apn_dtid=OSJ000YYCZ&q={searchTerms}
[C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=65496797-544D-4756-921B-E1172E17A994&apn_ptnrs=U3&apn_sauid=8AC02D5D-F8C7-41AC-B54D-478FE21F3841&apn_dtid=OSJ000YYCZ&q={searchTerms}
[C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [12021 octets] - [25/11/2014 12:17:26]
AdwCleaner[S0].txt - [11993 octets] - [25/11/2014 12:20:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12054 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: laptop freezing + redirects to XXX sites and ads

#5 Post by vyosek »

:arrow: So if you want help, uninstall that illegal ESET and install a free solution, e.g. Avast http://www.avast.com/get/gWR5mo92

:arrow: Our forum does not support pirated software, especially security software...
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

lukas424
Visitor
Posts: 29
Registered: 02 Sep 2011 15:16
Location: Úhonice

Re: laptop freezing + redirects to XXX sites and ads

#6 Post by lukas424 »

Uninstalled, and Avast is already installing. Should I take a screenshot as proof?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: laptop freezing + redirects to XXX sites and ads

#7 Post by vyosek »

:arrow: No need, I believe you, and it will show in the next steps anyway

:arrow: Let Avast install and let everything it needs finish

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window
  • Code:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

lukas424
Visitor
Posts: 29
Registered: 02 Sep 2011 15:16
Location: Úhonice

Re: laptop freezing + redirects to XXX sites and ads

#8 Post by lukas424 »

here is the log ;)



Zoek.exe v5.0.0.0 Updated 24-11-2014
Tool run by Luke on Łt 25.11.2014 at 13:56:23,30.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Luke\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25.11.2014 14:00:52 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\BlazeVideo deleted successfully
C:\PROGRA~2\City Interactive deleted successfully
C:\PROGRA~2\DsNET Corp deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~3\AMD deleted successfully
C:\PROGRA~3\BlazeVideo deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\TmForever deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Luke\AppData\Roaming\Dev-Cpp deleted successfully
C:\Users\Luke\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Luke\AppData\Roaming\WinRAR deleted successfully
C:\Users\Luke\AppData\Local\Axialis deleted successfully
C:\Users\Luke\AppData\Local\CrashDumps deleted successfully
C:\Users\Luke\AppData\Local\WarThunder deleted successfully
C:\Users\Luke\AppData\Local\WMTools Downloaded Files deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4d5f4846-377d-433c-9fbd-1a9d3caf6013} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EC50EF8-3E59-4762-B632-D3EE5B739D3B} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9eb611bc-e407-4239-acda-17aed99a4174} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8EBD9D9-C231-41AF-9420-C579D1DA7573} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b4931536-e082-4eed-8d41-c7e4ddc8b0bc} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C33EF6B7-509C-43E8-AC9A-107CA6585718} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{db1c7c38-37b0-4a45-8a51-9ba3c0b8fb56} deleted successfully
HKEY_USERS\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2871F79-552D-4AB5-9BD9-962CF5422D28} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4d5f4846-377d-433c-9fbd-1a9d3caf6013} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9eb611bc-e407-4239-acda-17aed99a4174} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b4931536-e082-4eed-8d41-c7e4ddc8b0bc} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{db1c7c38-37b0-4a45-8a51-9ba3c0b8fb56} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\prefs.js:

Added to C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\prefs.js:

ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_25.11.2014_1440_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\Users\Luke\AppData\Roaming\FreeVideoConverter deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [25.11.2014 13:00]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default
D2377C9458EFEB094E38B8C874AA214C - C:\Users\Luke\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
67D325B5AEB28E381B84E8DE1A90C7A8 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash
1919A4E982A86647F79ADD23B9AC3E11 - C:\Users\Luke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25.11.2014 12:59]

Advanced SystemCare Surfing Protection - Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Photo Zoom for Facebook - Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi
Black & Gray - Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\opngpggidjbhmmlapgcmcedfgblofagi

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://vaioportal.sony.eu"
"Default_Page_URL"="http://vaioportal.sony.eu"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://vaioportal.sony.eu"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{F4307451-F364-4184-8FCE-531B931849A5} eBay Url="http://rover.ebay.com/rover/1/14361-113 ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Luke\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Luke\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Luke\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Luke\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Luke\AppData\Local\Mozilla\Firefox\Profiles\1o789fln.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=19 folders=19 14094322 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully
C:\Users\Luke\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Luke\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 25.11.2014 at 14:58:47,55 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: laptop freezing + redirects to XXX sites and ads

#9 Post by vyosek »

lukas424
Visitor
Posts: 29
Registered: 02 Sep 2011 15:16
Location: Úhonice

Re: laptop freezing + redirects to XXX sites and ads

#10 Post by lukas424 »

I'm putting FRST and Add in the attachment :)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Luke (administrator) on LUKE-VAIO on 25-11-2014 16:35:16
Running from C:\Users\Luke\Downloads
Loaded Profile: Luke (Available profiles: Luke & DefaultAppPool)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
() C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Luke\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-25] (AVAST Software)
HKU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {17d87667-4b19-11e4-8041-30f9edee2d6e} - "D:\Startme.exe"
HKU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {5dbb6851-1eda-11e3-bfcc-30f9edee2d6e} - "D:\Startme.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://vaioportal.sony.eu
SearchScopes: HKU\S-1-5-21-992671368-3402663352-420794235-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-992671368-3402663352-420794235-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-992671368-3402663352-420794235-1001 -> {F4307451-F364-4184-8FCE-531B931849A5} URL = http://rover.ebay.com/rover/1/14361-113 ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-992671368-3402663352-420794235-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-992671368-3402663352-420794235-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Luke\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-992671368-3402663352-420794235-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Luke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: No Name - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "chrome://newtab/", "https://www.facebook.com/"
CHR Profile: C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-25]
CHR Extension: (Disk Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-25]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-30]
CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-25]
CHR Extension: (Adblock Plus) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-25]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2012-09-18]
CHR Extension: (Tabulky Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-25]
CHR Extension: (Peněženka Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-25] (AVAST Software)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [69632 2011-09-29] () [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [112256 2012-03-21] (Atheros Communication Inc.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-21] (LogMeIn, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-11-01] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [260768 2011-11-30] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-01] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-11-01] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-03-29] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-25] ()
S3 AtiDCM; C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [28416 2014-03-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2013-06-19] (Advanced Micro Devices)
S2 BstHdDrv; No ImagePath
R1 cnnctfy2; C:\Windows\system32\DRIVERS\cnnctfy2.sys [31344 2014-04-14] (Connectify)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-02-03] (DT Soft Ltd)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-07-16] (Sony Mobile Communications)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-11-03] (LogMeIn Inc.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36608 2012-03-29] (Atheros)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-11-01] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-04-12] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
U3 idsvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 16:37 - 2014-11-25 16:37 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\FRSTLauncher.exe
2014-11-25 16:37 - 2014-11-25 16:37 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\FRSTLauncher - kopie.exe
2014-11-25 16:37 - 2014-11-25 16:32 - 02118144 _____ (Farbar) C:\Users\Luke\Downloads\FRST64 - kopie.exe
2014-11-25 16:36 - 2014-11-25 16:36 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 928758.crdownload
2014-11-25 16:35 - 2014-11-25 16:36 - 00017394 _____ () C:\Users\Luke\Downloads\FRST.txt
2014-11-25 16:35 - 2014-11-25 16:35 - 00000000 ____D () C:\FRST
2014-11-25 16:33 - 2014-11-25 16:33 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 757801.crdownload
2014-11-25 16:33 - 2014-11-25 16:33 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 61212.crdownload
2014-11-25 16:32 - 2014-11-25 16:32 - 02118144 _____ (Farbar) C:\Users\Luke\Downloads\FRST64.exe
2014-11-25 14:48 - 2014-11-25 13:55 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-11-25 14:37 - 2014-11-25 14:58 - 00000000 ____D () C:\zoek
2014-11-25 13:59 - 2014-11-25 14:58 - 00011713 _____ () C:\zoek-results.log
2014-11-25 13:55 - 2014-11-25 14:40 - 00000000 ____D () C:\zoek_backup
2014-11-25 13:55 - 2014-11-25 13:55 - 01294848 _____ () C:\Users\Luke\Desktop\zoek.exe
2014-11-25 13:50 - 2014-11-25 13:50 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\AVAST Software
2014-11-25 13:01 - 2014-11-25 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-25 13:00 - 2014-11-25 13:50 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-11-25 13:00 - 2014-11-25 13:00 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-11-25 13:00 - 2014-11-25 13:00 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-11-25 13:00 - 2014-11-25 13:00 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-25 13:00 - 2014-11-25 13:00 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-25 13:00 - 2014-11-25 13:00 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-11-25 13:00 - 2014-11-25 13:00 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-11-25 13:00 - 2014-11-25 13:00 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-11-25 13:00 - 2014-11-25 13:00 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-25 13:00 - 2014-11-25 13:00 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-25 13:00 - 2014-11-25 13:00 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-25 12:57 - 2014-11-25 12:57 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-25 12:56 - 2014-11-25 12:57 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-25 12:23 - 2014-11-25 12:23 - 00012195 _____ () C:\Users\Luke\Desktop\AdwCleaner[S0].txt
2014-11-25 12:13 - 2014-11-25 12:20 - 00000000 ____D () C:\AdwCleaner
2014-11-25 12:12 - 2014-11-25 12:12 - 00001132 _____ () C:\Users\Luke\Desktop\checkup.txt
2014-11-25 12:10 - 2014-11-25 12:10 - 02148864 _____ () C:\Users\Luke\Downloads\adwcleaner_4.102.exe
2014-11-25 12:08 - 2014-11-25 12:08 - 00854414 _____ () C:\Users\Luke\Downloads\SecurityCheck.exe
2014-11-25 12:07 - 2014-11-25 12:07 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-11-25 11:23 - 2014-11-25 11:24 - 00000000 ____D () C:\rsit
2014-11-25 11:23 - 2014-11-25 11:24 - 00000000 ____D () C:\Program Files\trend micro
2014-11-25 11:23 - 2014-11-25 11:23 - 01222144 _____ () C:\Users\Luke\Downloads\RSITx64.exe
2014-11-25 10:45 - 2014-11-25 10:46 - 00000507 _____ () C:\WINDOWS\SynInst.log
2014-11-24 18:54 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-24 18:54 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-24 18:54 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-24 18:54 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-24 18:36 - 2014-10-30 01:55 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-24 18:36 - 2014-10-30 01:55 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-16 18:24 - 2014-11-16 18:24 - 00236888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-11-16 18:23 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-16 18:23 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-16 18:23 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-16 18:23 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-16 18:23 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-16 18:22 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-16 18:22 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-16 18:21 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-16 18:21 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-16 18:21 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-16 18:21 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-16 18:21 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-16 18:21 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-16 18:21 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-16 18:21 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-16 18:20 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-16 18:20 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-16 18:20 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-16 18:17 - 2014-11-16 18:17 - 00000000 ____D () C:\Users\Luke\Downloads\windows-8-manager_1.0.1
2014-11-16 18:16 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-16 18:16 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-16 18:16 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-16 18:16 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-16 18:16 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-16 18:16 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-16 18:16 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-16 18:16 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-16 18:16 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-16 18:16 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-16 18:16 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-16 18:16 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-16 18:16 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-16 18:16 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-16 18:16 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-16 18:16 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-16 18:16 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-16 18:16 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-16 18:16 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-16 18:16 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-16 18:16 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-16 18:16 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-16 18:16 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-16 18:16 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-16 18:16 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-16 18:16 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-16 18:15 - 2014-11-16 18:16 - 09359115 _____ () C:\Users\Luke\Downloads\windows-8-manager_1.0.1.zip
2014-11-16 18:14 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-16 18:14 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-16 18:14 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-16 18:14 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-16 18:14 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-16 18:14 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-16 18:14 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-16 18:14 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-16 18:14 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-16 18:09 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-16 18:09 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-16 18:08 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-16 18:08 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-16 18:08 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-16 18:08 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-16 18:07 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-16 18:07 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-16 18:07 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-16 18:07 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-16 18:07 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-16 18:07 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-16 18:07 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-16 18:07 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-16 18:07 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-16 18:07 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-16 18:07 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-16 18:07 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-16 18:07 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-16 18:07 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-16 18:07 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-16 18:07 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-16 18:07 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-16 18:07 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-16 18:07 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-16 18:07 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-16 18:07 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-16 18:07 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-16 18:07 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-16 18:07 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-16 18:07 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-16 18:07 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-16 18:07 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-16 18:07 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-16 18:07 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-16 18:07 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-16 18:07 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-16 18:07 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-16 18:07 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-16 18:07 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-16 18:07 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-16 18:07 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-16 18:07 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-16 18:07 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-16 18:07 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-16 18:07 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-16 18:07 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-16 18:07 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-16 18:07 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-16 18:07 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-16 18:07 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-16 18:07 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-16 18:07 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-16 18:07 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-16 18:07 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-16 18:07 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-16 18:07 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-16 18:07 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-16 18:07 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-16 18:07 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-16 18:07 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-16 18:07 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-16 18:07 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-16 18:07 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-16 18:07 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-16 18:07 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-16 18:07 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-16 18:07 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-16 18:07 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-16 18:07 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-16 18:07 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-16 18:07 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-16 18:06 - 2014-11-16 18:06 - 00000000 ____D () C:\Users\Luke\Downloads\Autoruns
2014-11-16 18:06 - 2014-11-05 00:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-16 18:06 - 2014-11-04 01:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-16 18:06 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-16 18:06 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-16 18:06 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-16 18:06 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-16 18:06 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-16 18:06 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-16 18:06 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-16 18:06 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-16 18:06 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-16 18:06 - 2014-10-31 05:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-11-16 18:06 - 2014-10-31 05:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-16 18:06 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-16 18:06 - 2014-10-31 05:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-11-16 18:06 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-16 18:06 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-16 18:06 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-16 18:06 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-16 18:06 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-16 18:06 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-16 18:06 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-16 18:06 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-16 18:06 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-16 18:06 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-16 18:06 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-16 18:06 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-16 18:06 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-16 18:06 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-16 18:06 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-16 18:06 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-16 18:06 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-16 18:06 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-16 18:06 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-16 18:06 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-16 18:06 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-16 18:06 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-16 18:06 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-16 18:05 - 2014-11-16 18:05 - 00511633 _____ () C:\Users\Luke\Downloads\Autoruns.zip
2014-11-15 21:01 - 2014-11-25 14:06 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001UA1ce820d41a5f20d.job
2014-11-15 21:01 - 2014-11-24 21:06 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001Core.job
2014-11-10 19:16 - 2014-11-10 19:16 - 00001177 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-10 19:16 - 2014-11-10 19:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 19:16 - 2014-11-10 19:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 19:14 - 2014-11-10 19:14 - 36253216 _____ () C:\Users\Luke\Downloads\Firefox Setup 33.0.2.exe
2014-11-09 18:38 - 2014-11-25 14:55 - 00007434 _____ () C:\WINDOWS\PFRO.log
2014-11-09 18:37 - 2014-11-16 18:59 - 106627072 _____ () C:\WINDOWS\system32\config\SOFTWARE.rcbak
2014-11-09 18:37 - 2014-11-16 18:59 - 00507904 _____ () C:\WINDOWS\system32\config\DEFAULT.rcbak
2014-11-09 18:37 - 2014-11-16 18:59 - 00073728 _____ () C:\WINDOWS\system32\config\SAM.rcbak
2014-11-09 18:37 - 2014-11-16 18:59 - 00032768 _____ () C:\WINDOWS\system32\config\SECURITY.rcbak
2014-11-09 18:37 - 2014-11-09 18:37 - 00000000 _____ () C:\asc_rdflag
2014-11-09 16:15 - 2014-11-09 16:15 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-09 16:15 - 2014-11-09 16:15 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-11-09 13:02 - 2014-11-09 13:02 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZ.ZZ.Z.ZZ.Z
2014-11-07 20:31 - 2014-11-07 20:31 - 00000948 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-11-07 20:31 - 2014-11-07 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-11-07 20:31 - 2014-11-07 20:31 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-11-03 18:12 - 2014-11-03 18:12 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-10-27 20:40 - 2014-10-27 20:40 - 00271230 _____ () C:\Users\Luke\Downloads\DiBcom_mod7700_v31400_coinstall_JIESHIMEI_091102.rar
2014-10-27 20:40 - 2014-10-27 20:40 - 00000000 ____D () C:\Users\Luke\Downloads\DiBcom_mod7700_v31400_coinstall_JIESHIMEI_091102
2014-10-27 20:39 - 2014-10-27 20:41 - 07589161 _____ (Siano Mobile Silicon ) C:\Users\Luke\Downloads\Setup_DVBT_DEF_4_5_2_0_41_NonWHQL_x64.exe
2014-10-27 19:35 - 2014-10-27 19:35 - 00056854 _____ () C:\Users\Luke\Downloads\Výhody produkty Skupiny pro zaměstnance ČSOB.XLSX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 16:34 - 2012-11-10 19:53 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-992671368-3402663352-420794235-1001
2014-11-25 16:29 - 2013-11-19 09:52 - 00000000 __RDO () C:\Users\Luke\SkyDrive
2014-11-25 16:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-25 14:59 - 2012-05-08 11:29 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-25 14:56 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-25 14:54 - 2013-11-01 04:41 - 01686060 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-25 12:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-25 12:20 - 2014-04-10 17:50 - 00000000 ____D () C:\WINDOWS\system32\log
2014-11-25 12:20 - 2013-11-25 18:13 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2014-11-25 12:07 - 2014-05-04 20:55 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-25 11:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-25 10:46 - 2012-09-15 22:07 - 00000000 ____D () C:\Users\Luke\AppData\Local\VirtualStore
2014-11-25 10:27 - 2013-11-03 14:49 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2CBCE424-96FF-4A85-9DC1-68584BC55A55}
2014-11-24 21:26 - 2013-08-22 14:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-24 19:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-24 19:52 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-20 22:37 - 2014-07-13 22:00 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-20 22:37 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 22:37 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-20 22:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-20 22:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-20 22:35 - 2012-09-16 14:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-20 18:29 - 2014-06-07 12:16 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-11-16 19:18 - 2013-11-01 03:49 - 02146092 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-16 19:18 - 2013-09-30 04:56 - 00880450 _____ () C:\WINDOWS\system32\perfh005.dat
2014-11-16 19:18 - 2013-09-30 04:56 - 00211460 _____ () C:\WINDOWS\system32\perfc005.dat
2014-11-16 19:01 - 2013-08-22 15:44 - 00507096 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-16 18:59 - 2013-08-22 14:25 - 12582912 _____ () C:\WINDOWS\system32\config\SYSTEM.rcbak
2014-11-16 18:35 - 2013-08-16 20:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-16 18:26 - 2012-09-19 10:02 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-16 17:51 - 2014-10-14 20:07 - 00000000 ____D () C:\Users\Luke\AppData\Local\LogMeIn Hamachi
2014-11-15 23:40 - 2014-06-07 12:16 - 00000000 ____D () C:\ProgramData\WarThunder
2014-11-15 21:01 - 2013-07-16 11:14 - 00003922 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001UA1ce820d41a5f20d
2014-11-15 21:01 - 2012-09-17 09:54 - 00003542 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001Core
2014-11-12 18:59 - 2012-05-08 11:29 - 00003742 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-10 19:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-11-09 18:37 - 2014-05-14 19:39 - 106627072 _____ () C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2014-11-09 18:37 - 2014-05-14 19:39 - 00507904 _____ () C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2014-11-09 18:37 - 2014-05-14 19:39 - 00073728 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak
2014-11-09 18:37 - 2014-05-14 19:39 - 00032768 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2014-11-09 18:37 - 2013-11-01 04:02 - 00000000 ____D () C:\Users\Luke
2014-11-09 10:57 - 2014-10-24 22:47 - 00000000 ____D () C:\WINDOWS\Minidump
2014-11-02 21:21 - 2014-10-03 16:47 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-10-30 19:56 - 2012-09-18 09:42 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\Skype
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-27 21:44 - 2014-08-24 18:16 - 00000000 ____D () C:\Users\Luke\AppData\Roaming\vlc
2014-10-27 20:49 - 2014-10-25 23:09 - 00002023 _____ () C:\ProgramData\PipShareTuner.log
2014-10-27 20:49 - 2014-10-25 22:44 - 00002560 _____ () C:\ProgramData\LmeZJSW.log
2014-10-27 20:49 - 2014-10-24 22:45 - 00003222 _____ () C:\ProgramData\LmeUSB.log
2014-10-27 20:49 - 2014-10-24 22:45 - 00002604 _____ () C:\ProgramData\LSDmbTH.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 13:07

==================== End Of Log ============================
Attachments
Addition.rar
(11.63 KiB) Downloaded 52 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: laptop freezing + redirects to XXX and ads

#11 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code: Select all

    Start
    CloseProcesses:
    
    KU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {17d87667-4b19-11e4-8041-30f9edee2d6e} - "D:\Startme.exe"
    HKU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {5dbb6851-1eda-11e3-bfcc-30f9edee2d6e} - "D:\Startme.exe" 
    
    HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
    HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
    HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://vaioportal.sony.eu
    SearchScopes: HKU\S-1-5-21-992671368-3402663352-420794235-1001 -> {F4307451-F364-4184-8FCE-531B931849A5} URL = http://rover.ebay.com/rover/1/14361-113 ... h-Q212&kw={searchTerms}
    
    FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF Extension: No Name - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\extensions\ascsurfingprotection@iobit.com [Not Found]
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
    
    CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-30]
    
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
    
    C:\Program Files (x86)\IObit
    14-11-25 16:37 - 2014-11-25 16:37 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\FRSTLauncher.exe
    2014-11-25 16:37 - 2014-11-25 16:37 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\FRSTLauncher - kopie.exe
    2014-11-25 16:36 - 2014-11-25 16:36 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 928758.crdownload
    2014-11-25 16:35 - 2014-11-25 16:36 - 00017394 _____ () C:\Users\Luke\Downloads\FRST.txt
    2014-11-25 16:33 - 2014-11-25 16:33 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 757801.crdownload
    2014-11-25 16:33 - 2014-11-25 16:33 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 61212.crdownload
    2014-11-25 14:48 - 2014-11-25 13:55 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
    2014-11-25 14:37 - 2014-11-25 14:58 - 00000000 ____D () C:\zoek
    2014-11-25 13:59 - 2014-11-25 14:58 - 00011713 _____ () C:\zoek-results.log
    2014-11-25 13:55 - 2014-11-25 14:40 - 00000000 ____D () C:\zoek_backup
    2014-11-25 13:55 - 2014-11-25 13:55 - 01294848 _____ () C:\Users\Luke\Desktop\zoek.exe
    2014-11-25 12:23 - 2014-11-25 12:23 - 00012195 _____ () C:\Users\Luke\Desktop\AdwCleaner[S0].txt
    2014-11-25 12:13 - 2014-11-25 12:20 - 00000000 ____D () C:\AdwCleaner
    2014-11-25 12:12 - 2014-11-25 12:12 - 00001132 _____ () C:\Users\Luke\Desktop\checkup.txt
    2014-11-25 12:10 - 2014-11-25 12:10 - 02148864 _____ () C:\Users\Luke\Downloads\adwcleaner_4.102.exe
    2014-11-25 12:08 - 2014-11-25 12:08 - 00854414 _____ () C:\Users\Luke\Downloads\SecurityCheck.exe
    2014-11-25 12:07 - 2014-11-25 12:07 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
    2014-11-25 11:23 - 2014-11-25 11:24 - 00000000 ____D () C:\rsit
    2014-11-25 11:23 - 2014-11-25 11:24 - 00000000 ____D () C:\Program Files\trend micro
    2014-11-25 11:23 - 2014-11-25 11:23 - 01222144 _____ () C:\Users\Luke\Downloads\RSITx64.exe
    2014-11-10 19:14 - 2014-11-10 19:14 - 36253216 _____ () C:\Users\Luke\Downloads\Firefox Setup 33.0.2.exe
    2014-11-09 18:38 - 2014-11-25 14:55 - 00007434 _____ () C:\WINDOWS\PFRO.log
    2014-11-09 18:37 - 2014-11-16 18:59 - 106627072 _____ () C:\WINDOWS\system32\config\SOFTWARE.rcbak
    2014-11-09 18:37 - 2014-11-16 18:59 - 00507904 _____ () C:\WINDOWS\system32\config\DEFAULT.rcbak
    2014-11-09 18:37 - 2014-11-16 18:59 - 00073728 _____ () C:\WINDOWS\system32\config\SAM.rcbak
    2014-11-09 18:37 - 2014-11-16 18:59 - 00032768 _____ () C:\WINDOWS\system32\config\SECURITY.rcbak
    2014-11-09 18:37 - 2014-11-09 18:37 - 00000000 _____ () C:\asc_rdflag
    2014-11-09 16:15 - 2014-11-09 16:15 - 00000000 _____ () C:\WINDOWS\setuperr.log
    2014-11-09 16:15 - 2014-11-09 16:15 - 00000000 _____ () C:\WINDOWS\setupact.log
    
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001Core.job => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001UA1ce820d41a5f20d.job => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe
    
    AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZ.ZZ.Z.ZZ.Z:1
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.


Re: laptop freezing + redirects to XXX and ads

#12 Post by lukas424 »

here is the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-11-2014 01
Ran by Luke at 2014-11-25 20:02:41 Run:1
Running from C:\Users\Luke\Desktop
Loaded Profile: Luke (Available profiles: Luke & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

KU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {17d87667-4b19-11e4-8041-30f9edee2d6e} - "D:\Startme.exe"
HKU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {5dbb6851-1eda-11e3-bfcc-30f9edee2d6e} - "D:\Startme.exe"

HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://vaioportal.sony.eu
SearchScopes: HKU\S-1-5-21-992671368-3402663352-420794235-1001 -> {F4307451-F364-4184-8FCE-531B931849A5} URL = http://rover.ebay.com/rover/1/14361-113 ... h-Q212&kw={searchTerms}

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: No Name - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-30]

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)

C:\Program Files (x86)\IObit
14-11-25 16:37 - 2014-11-25 16:37 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\FRSTLauncher.exe
2014-11-25 16:37 - 2014-11-25 16:37 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\FRSTLauncher - kopie.exe
2014-11-25 16:36 - 2014-11-25 16:36 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 928758.crdownload
2014-11-25 16:35 - 2014-11-25 16:36 - 00017394 _____ () C:\Users\Luke\Downloads\FRST.txt
2014-11-25 16:33 - 2014-11-25 16:33 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 757801.crdownload
2014-11-25 16:33 - 2014-11-25 16:33 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\Nepotvrzeno 61212.crdownload
2014-11-25 14:48 - 2014-11-25 13:55 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-11-25 14:37 - 2014-11-25 14:58 - 00000000 ____D () C:\zoek
2014-11-25 13:59 - 2014-11-25 14:58 - 00011713 _____ () C:\zoek-results.log
2014-11-25 13:55 - 2014-11-25 14:40 - 00000000 ____D () C:\zoek_backup
2014-11-25 13:55 - 2014-11-25 13:55 - 01294848 _____ () C:\Users\Luke\Desktop\zoek.exe
2014-11-25 12:23 - 2014-11-25 12:23 - 00012195 _____ () C:\Users\Luke\Desktop\AdwCleaner[S0].txt
2014-11-25 12:13 - 2014-11-25 12:20 - 00000000 ____D () C:\AdwCleaner
2014-11-25 12:12 - 2014-11-25 12:12 - 00001132 _____ () C:\Users\Luke\Desktop\checkup.txt
2014-11-25 12:10 - 2014-11-25 12:10 - 02148864 _____ () C:\Users\Luke\Downloads\adwcleaner_4.102.exe
2014-11-25 12:08 - 2014-11-25 12:08 - 00854414 _____ () C:\Users\Luke\Downloads\SecurityCheck.exe
2014-11-25 12:07 - 2014-11-25 12:07 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-11-25 11:23 - 2014-11-25 11:24 - 00000000 ____D () C:\rsit
2014-11-25 11:23 - 2014-11-25 11:24 - 00000000 ____D () C:\Program Files\trend micro
2014-11-25 11:23 - 2014-11-25 11:23 - 01222144 _____ () C:\Users\Luke\Downloads\RSITx64.exe
2014-11-10 19:14 - 2014-11-10 19:14 - 36253216 _____ () C:\Users\Luke\Downloads\Firefox Setup 33.0.2.exe
2014-11-09 18:38 - 2014-11-25 14:55 - 00007434 _____ () C:\WINDOWS\PFRO.log
2014-11-09 18:37 - 2014-11-16 18:59 - 106627072 _____ () C:\WINDOWS\system32\config\SOFTWARE.rcbak
2014-11-09 18:37 - 2014-11-16 18:59 - 00507904 _____ () C:\WINDOWS\system32\config\DEFAULT.rcbak
2014-11-09 18:37 - 2014-11-16 18:59 - 00073728 _____ () C:\WINDOWS\system32\config\SAM.rcbak
2014-11-09 18:37 - 2014-11-16 18:59 - 00032768 _____ () C:\WINDOWS\system32\config\SECURITY.rcbak
2014-11-09 18:37 - 2014-11-09 18:37 - 00000000 _____ () C:\asc_rdflag
2014-11-09 16:15 - 2014-11-09 16:15 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-09 16:15 - 2014-11-09 16:15 - 00000000 _____ () C:\WINDOWS\setupact.log

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001Core.job => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001UA1ce820d41a5f20d.job => C:\Users\Luke\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZ.ZZ.Z.ZZ.Z:1

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
KU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {17d87667-4b19-11e4-8041-30f9edee2d6e} - "D:\Startme.exe" => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-992671368-3402663352-420794235-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5dbb6851-1eda-11e3-bfcc-30f9edee2d6e}" => Key deleted successfully.
"HKCR\CLSID\{5dbb6851-1eda-11e3-bfcc-30f9edee2d6e}" => Key not found.
HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKU\S-1-5-21-992671368-3402663352-420794235-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKU\S-1-5-21-992671368-3402663352-420794235-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F4307451-F364-4184-8FCE-531B931849A5}" => Key deleted successfully.
"HKCR\CLSID\{F4307451-F364-4184-8FCE-531B931849A5}" => Key not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\1o789fln.default\extensions\ascsurfingprotection@iobit.com not found.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd => Moved successfully.
LiveUpdateSvc => Service deleted successfully.
C:\Program Files (x86)\IObit => Moved successfully.
14-11-25 16:37 - 2014-11-25 16:37 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\FRSTLauncher.exe => Error: No automatic fix found for this entry.
C:\Users\Luke\Downloads\FRSTLauncher - kopie.exe => Moved successfully.
"C:\Users\Luke\Downloads\Nepotvrzeno 928758.crdownload" => File/Directory not found.
C:\Users\Luke\Downloads\FRST.txt => Moved successfully.
"C:\Users\Luke\Downloads\Nepotvrzeno 757801.crdownload" => File/Directory not found.
"C:\Users\Luke\Downloads\Nepotvrzeno 61212.crdownload" => File/Directory not found.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Luke\Desktop\zoek.exe => Moved successfully.
C:\Users\Luke\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Luke\Desktop\checkup.txt => Moved successfully.
C:\Users\Luke\Downloads\adwcleaner_4.102.exe => Moved successfully.
C:\Users\Luke\Downloads\SecurityCheck.exe => Moved successfully.
C:\WINDOWS\Tasks\ImCleanDisabled => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Luke\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Luke\Downloads\Firefox Setup 33.0.2.exe => Moved successfully.
C:\WINDOWS\PFRO.log => Moved successfully.
C:\WINDOWS\system32\config\SOFTWARE.rcbak => Moved successfully.
C:\WINDOWS\system32\config\DEFAULT.rcbak => Moved successfully.
C:\WINDOWS\system32\config\SAM.rcbak => Moved successfully.
C:\WINDOWS\system32\config\SECURITY.rcbak => Moved successfully.
C:\asc_rdflag => Moved successfully.
C:\WINDOWS\setuperr.log => Moved successfully.
C:\WINDOWS\setupact.log => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001Core.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-992671368-3402663352-420794235-1001UA1ce820d41a5f20d.job => Moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZ.ZZ.Z.ZZ.Z => ":1" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 58.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
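
The Fixlog above reports "Error: No automatic fix found for this entry" for two lines, and both differ from their neighbours only by missing leading characters (`KU\` next to `HKU\`, `14-11-25` next to `2014-11-25`). As an added example (not part of the thread and not FRST's own code), this Python script sorts Fixlog result lines by outcome and flags such entries; the status names and the truncation heuristic are assumptions made here, and the sample is an abridged excerpt of the log above.

```python
import re
from collections import Counter

# Abridged excerpt of the Fixlog posted above (fixlist echo shortened).
FIXLOG = r'''Content of fixlist:
*****************
Start
KU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {17d87667-4b19-11e4-8041-30f9edee2d6e} - "D:\Startme.exe"
End
*****************

Processes closed successfully.
KU\S-1-5-21-992671368-3402663352-420794235-1001\...\MountPoints2: {17d87667-4b19-11e4-8041-30f9edee2d6e} - "D:\Startme.exe" => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-992671368-3402663352-420794235-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5dbb6851-1eda-11e3-bfcc-30f9edee2d6e}" => Key deleted successfully.
"HKCR\CLSID\{5dbb6851-1eda-11e3-bfcc-30f9edee2d6e}" => Key not found.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
14-11-25 16:37 - 2014-11-25 16:37 - 00112640 _____ (forum.viry.cz) C:\Users\Luke\Downloads\FRSTLauncher.exe => Error: No automatic fix found for this entry.
C:\Users\Luke\Downloads\FRSTLauncher - kopie.exe => Moved successfully.
"C:\Users\Luke\Downloads\Nepotvrzeno 928758.crdownload" => File/Directory not found.
Hosts was reset successfully.
EmptyTemp: => Removed 58.3 MB temporary data.

==== End of Fixlog ====
'''

# Registry line heads that appear in this thread's fixlist.
HEADS = ("HKLM\\", "HKU\\", "HKCR\\")

def result_lines(fixlog):
    """Yield result lines, skipping the header and the echoed fixlist."""
    stars = 0
    for line in map(str.strip, fixlog.splitlines()):
        if re.fullmatch(r"\*{5,}", line):
            stars += 1                      # fixlist echo sits between two star rows
        elif stars >= 2 and line.startswith("===="):
            return                          # "==== End of Fixlog ===="
        elif stars >= 2 and line:
            yield line

def classify(line):
    """Split one result line into (entry, outcome, status)."""
    entry, _, outcome = line.rpartition(" => ")  # no "=>": whole line is the outcome
    if entry[:1] == entry[-1:] == '"':
        entry = entry[1:-1]
    if outcome.startswith("Error"):
        status = "error"
    elif outcome.lower().endswith("not found."):
        status = "not_found"
    elif "successfully" in outcome:
        status = "ok"
    else:
        status = "info"
    return entry, outcome, status

def likely_truncated(entry):
    """Heuristic (an assumption made here): the entry lost leading characters."""
    if re.match(r"\d{1,3}-\d{2}-\d{2} \d{2}:\d{2} - ", entry):
        return True                         # file-list line with a shortened year
    return any(entry.startswith(h[k:]) for h in HEADS
               for k in range(1, len(h) - 1))

def triage(fixlog):
    """Return (status counts, [(entry, outcome, truncated)] for error lines)."""
    counts, errors = Counter(), []
    for line in result_lines(fixlog):
        entry, outcome, status = classify(line)
        counts[status] += 1
        if status == "error":
            errors.append((entry, outcome, likely_truncated(entry)))
    return counts, errors

if __name__ == "__main__":
    counts, errors = triage(FIXLOG)
    print(dict(counts), errors)
```

Entries flagged this way were not processed by the fix, so the corresponding item is still present unless a later step removed it.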


Re: laptop freezing + redirects to XXX and ads

#13 Post by vyosek »

Now let's clean up :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remote disinfection tools option ticked
  • Click Run
:arrow: Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are left - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from my side :|


Re: laptop freezing + redirects to XXX and ads

#14 Post by lukas424 »

DelFix log:

# DelFix v10.8 - Logfile created 25/11/2014 at 21:08:34
# Updated 29/07/2014 by Xplode
# Username : Luke - LUKE-VAIO
# Operating System : Windows 8.1 Pro (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\Users\Luke\Desktop\Addition.txt
Deleted : C:\Users\Luke\Desktop\Fixlog.txt
Deleted : C:\Users\Luke\Desktop\FRST.txt
Deleted : C:\Users\Luke\Desktop\FRST64.exe
Deleted : C:\Users\Luke\Desktop\FRSTLauncher.exe
Deleted : C:\Users\Luke\Downloads\Addition.txt
Deleted : C:\Users\Luke\Downloads\FRST64 - kopie.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########



Thank you very much, Mozilla no longer shows any redirect problems and the PC stuttering is gone too :)
Thanks :)


Re: laptop freezing + redirects to XXX and ads

#15 Post by vyosek »

:arrow: You can delete the DelFix log

You're welcome, glad I could help :worship: See you again sometime

And in accordance with the topic-locking rule :lock:

Locked