Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Topic locking rule. Thank you for your understanding.

TheLafroms
Visitor
Posts: 8
Registered: 27 Feb 2015 13:13
Location: Moravskoslezský Kraj

Requesting a preventive check

#1 Post by TheLafroms »

Hello, I would like to find harmful, unnecessary files, etc.
- This is my first preventive check; otherwise, thank you very much :)
- Here is the RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vaio at 2015-02-27 13:18:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 389 GB (56%) free of 699 GB
Total RAM: 4078 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:18:59, on 27.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
C:\Users\Vaio\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Vaio\AppData\Local\Akamai\netsession_win.exe
C:\Users\Vaio\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vaio.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1393443704
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... 1393443704
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: RemoveAAdsTube - {3E36436F-86D0-6FA3-D896-2DA98074B23F} - C:\ProgramData\RemoveAAdsTube\lp.dll
O2 - BHO: ExsTraCoouipona - {63FC8E0B-A4EA-8D5C-213D-75007DAA9233} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\RunOnce: [20150107] C:\Program Files\AVAST Software\Avast\setup\emupdate\5b606269-5e60-4f72-be75-81bd70aa4d05.exe /check
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Vaio\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Vaio\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Vaio\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Vaio\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe" /MINIMIZED
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_89795E3EB0F087CBFC7DD184DE478512] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Program Files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19371 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
c:\windows\system32\svchost.exe -k dcomlaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k gpsvcgroup
c:\windows\system32\svchost.exe -k networkservice
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\WinZipper\winzipersvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {09E09021-E974-4314-B595-2A90E8D7A7CF}
c:\windows\system32\svchost.exe -k localservicenonetwork
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
c:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe"
c:\windows\system32\svchost.exe -k secsvcs
"C:\Windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
WLIDSvcM.exe 3144
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {A5493B91-7E46-4791-B953-F64312A51F20}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
taskeng.exe {DD53F9E4-A9AD-4D19-A1CC-0620E1659E4B}
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
szndesktop.exe default start
"C:\Users\Vaio\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "757579402655803901-1198956452-28360471418875575162072800909-644576974-2058061107
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5716.0.2140205501\1049295119" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38,46 --gpu-vendor-id=0x10de --gpu-device-id=0x1055 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4465 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_51/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5716.3.1952160800\164581127" /prefetch:673131151
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
/Device:000000a1
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ < \\.\pipe\chrome.nativeMessaging.in.b2fe68da2acd4d5c > \\.\pipe\chrome.nativeMessaging.out.b2fe68da2acd4d5c
\??\C:\Windows\system32\conhost.exe "1133417227-287879616-535250922-523941309603794761-744551154866284617340763786
"C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/
"c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding
"C:\Program Files\Sony\VAIO Update 5\VUAgent.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k sdrsvc
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\Windows\System32\vds.exe
StartVC*SelfHeal*silence+EU\cs-CZ
C:\Windows\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\vssvc.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
c:\windows\system32\svchost.exe -k swprv
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/730"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Vaio\AppData\Local\Steam\htmlcache" -steampid 28264 -buildid 1424305157 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"taskhost.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="32860.4.828162764\602844086" /prefetch:673131151
"c:\PROGRA~1\mcafee\msc\mcupdmgr.exe" -Embedding

"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="32860.45.105469247\984180338" /prefetch:673131151
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\msiexec.exe /V
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_51/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5716.2963.2025779138\228036267" /prefetch:673131151
"c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" /schedule
C:\Windows\system32\cmd.exe /c ""C:/Users/Vaio/AppData/Local/Akamai/installer_no_upload_silent.exe" & "C:/Users/Vaio/AppData/Local/Akamai/netsession_win.exe""
"C:/Users/Vaio/AppData/Local/Akamai/netsession_win.exe"
"C:/Users/Vaio/AppData/Local/Akamai/netsession_win.exe" --client
c:\PROGRA~1\mcafee.com\agent\mcagent.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_51/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5716.2980.1294877990\2023385557" /prefetch:673131151
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_51/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5716.2982.681252043\1766504092" /prefetch:673131151
"C:\Windows\system32\wuauclt.exe" /RunHandlerComServer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe76_ Global\UsGthrCtrlFltPipeMssGthrPipe76 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Vaio\Downloads\RSITx64.exe"
c:\windows\system32\svchost.exe -k wersvcgroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe /dev0 /idle

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-01-03 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E36436F-86D0-6FA3-D896-2DA98074B23F}]
RemoveAAdsTube - C:\ProgramData\RemoveAAdsTube\lp.x64.dll [2014-02-01 473088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6BD665FE-E37A-4626-E849-963BFE75B876}]
ExSStrraSavings - C:\ProgramData\ExSStrraSavings\27z.x64.dll [2013-12-30 475136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2015-01-03 395696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-20 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94C7A5A0-18A9-1DD8-8B46-942876EC255D}]
DDEalExxperEss - C:\ProgramData\DDEalExxperEss\n.x64.dll [2014-03-07 475136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2015-01-28 296960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7879E3D-6CDC-35A9-7C3F-6DAC36AB8FEF}]
AllCheeaAiPPRiicoeo - C:\ProgramData\AllCheeaAiPPRiicoeo\oIuDI.x64.dll [2013-12-30 475136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2015-01-03 54704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E36436F-86D0-6FA3-D896-2DA98074B23F}]
RemoveAAdsTube - C:\ProgramData\RemoveAAdsTube\lp.dll [2014-02-01 423424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63FC8E0B-A4EA-8D5C-213D-75007DAA9233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2015-01-03 362928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-20 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2015-01-28 243912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-01-03 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2015-01-28 296960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2015-01-28 243912]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2011-10-17 226672]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-04-29 657568]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-04-29 790688]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2011-03-29 518784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Vaio\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"cz.seznam.software.szndesktop"=C:\Users\Vaio\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"cz.seznam.software.autoupdate"=C:\Users\Vaio\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"uTorrent"=C:\Users\Vaio\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe [2015-02-03 1374032]
"GoogleChromeAutoLaunch_89795E3EB0F087CBFC7DD184DE478512"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-12-06 856904]
"Advanced SystemCare 8"=C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2014-12-10 2427680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10 472984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Vaio\AppData\Roaming\uTorrent\uTorrent.exe [2015-02-03 1374032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-01 4085896]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-02-11 2239376]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-11-27 648032]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-11-22 1484856]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"=C:\Program Files\AVAST Software\Avast\setup\emupdate\5b606269-5e60-4f72-be75-81bd70aa4d05.exe [2015-02-18 183232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2015-02-27 13:18:05 ----D---- C:\Program Files\trend micro
2015-02-27 13:18:04 ----D---- C:\rsit
2015-02-14 10:34:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-14 10:34:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-14 10:34:53 ----A---- C:\Windows\system32\jscript9.dll
2015-02-14 10:34:51 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 15:40:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 15:39:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-12 15:39:49 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-12 15:39:27 ----A---- C:\Windows\system32\srcore.dll
2015-02-12 15:39:27 ----A---- C:\Windows\system32\rstrui.exe
2015-02-12 15:39:12 ----A---- C:\Windows\system32\srclient.dll
2015-02-12 15:39:11 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-12 15:36:14 ----A---- C:\Windows\system32\generaltel.dll
2015-02-12 15:36:14 ----A---- C:\Windows\system32\appraiser.dll
2015-02-12 15:36:13 ----A---- C:\Windows\system32\invagent.dll
2015-02-12 15:36:13 ----A---- C:\Windows\system32\aeinv.dll
2015-02-12 15:36:12 ----A---- C:\Windows\system32\devinv.dll
2015-02-12 15:36:12 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-12 15:36:10 ----A---- C:\Windows\system32\aepdu.dll
2015-02-12 15:36:09 ----A---- C:\Windows\system32\aepic.dll
2015-02-12 15:29:19 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 15:29:17 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-12 15:29:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-12 15:29:16 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-12 15:29:16 ----A---- C:\Windows\system32\kerberos.dll
2015-02-12 15:29:15 ----A---- C:\Windows\system32\wdigest.dll
2015-02-12 15:29:15 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-12 15:29:15 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-12 15:29:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-12 15:29:14 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-12 15:29:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-12 15:29:12 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-12 15:29:10 ----A---- C:\Windows\system32\credssp.dll
2015-02-12 15:29:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-12 15:24:19 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-12 15:24:19 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-12 15:24:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-12 15:24:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-12 15:24:13 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-12 15:24:13 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-12 15:24:12 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 15:24:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-12 15:24:11 ----A---- C:\Windows\system32\iernonce.dll
2015-02-12 15:24:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-12 15:24:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-12 15:24:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 15:24:03 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-12 15:24:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-12 15:24:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-12 15:23:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-12 15:23:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-12 15:23:52 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 15:23:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-12 15:23:50 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 15:23:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 15:23:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-12 15:23:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-12 15:23:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-12 15:23:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 15:23:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-12 15:23:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-12 15:23:38 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 15:23:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-12 15:23:35 ----A---- C:\Windows\system32\iesetup.dll
2015-02-12 15:23:33 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 15:23:27 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 15:23:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-12 15:23:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-12 15:23:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-12 15:23:21 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-12 15:23:19 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-12 15:23:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-12 15:23:09 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 15:23:07 ----A---- C:\Windows\system32\ieui.dll
2015-02-12 15:23:05 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 15:23:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-12 15:23:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 15:22:59 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 15:22:56 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 15:22:53 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 15:22:52 ----A---- C:\Windows\system32\msrating.dll
2015-02-12 15:22:49 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 15:21:03 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-12 15:21:01 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-12 15:20:11 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 15:20:11 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 15:20:09 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 15:20:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-12 15:20:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 15:20:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 15:20:01 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 15:20:00 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 15:19:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-12 15:19:59 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 15:19:58 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 15:19:58 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 15:19:57 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-12 15:19:57 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-12 15:19:52 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-12 15:19:43 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 15:19:38 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 15:19:36 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-12 15:13:39 ----A---- C:\Windows\system32\crypt32.dll
2015-02-12 15:13:33 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-12 15:12:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-12 15:12:16 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 15:06:46 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-12 15:06:46 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 15:05:15 ----A---- C:\Windows\system32\win32k.sys
2015-01-16 15:02:18 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2015-01-16 15:02:18 ----A---- C:\Windows\system32\drivers\iSafeKrnlBoot.sys
2015-01-16 15:02:15 ----D---- C:\Windows\system32\log
2015-01-16 15:02:00 ----D---- C:\Program Files (x86)\Elex-tech
2015-01-16 15:01:59 ----D---- C:\Users\Vaio\AppData\Roaming\Elex-tech
2015-01-14 14:30:34 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 14:30:30 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 14:30:21 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 14:30:20 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 14:30:18 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 14:30:03 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-04 00:06:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-01-04 00:06:30 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-01-03 23:56:50 ----A---- C:\Windows\system32\npdeployJava1.dll
2015-01-03 23:56:49 ----A---- C:\Windows\system32\javaws.exe
2015-01-03 23:56:49 ----A---- C:\Windows\system32\javaw.exe
2015-01-03 23:56:49 ----A---- C:\Windows\system32\java.exe
2015-01-03 23:56:17 ----D---- C:\Program Files\Java
2015-01-03 23:54:17 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2015-01-03 23:54:16 ----A---- C:\Windows\SYSWOW64\javaws.exe
2015-01-03 23:54:16 ----A---- C:\Windows\SYSWOW64\javaw.exe
2015-01-03 23:54:16 ----A---- C:\Windows\SYSWOW64\java.exe
2015-01-03 23:53:53 ----D---- C:\Program Files (x86)\Java
2015-01-03 23:47:54 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-01-03 23:47:54 ----A---- C:\Windows\system32\nvopencl.dll
2015-01-03 23:47:52 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-01-03 23:47:52 ----A---- C:\Windows\system32\nvoglv64.dll
2015-01-03 23:47:50 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-01-03 23:47:49 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-01-03 23:47:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-01-03 23:47:49 ----A---- C:\Windows\system32\NvIFR64.dll
2015-01-03 23:47:49 ----A---- C:\Windows\system32\NvFBC64.dll
2015-01-03 23:47:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-01-03 23:47:48 ----A---- C:\Windows\system32\nvdispgenco6434465.dll
2015-01-03 23:47:48 ----A---- C:\Windows\system32\nvdispco6434465.dll
2015-01-03 23:47:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-01-03 23:47:47 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-01-03 23:47:47 ----A---- C:\Windows\system32\nvcuvid.dll
2015-01-03 23:47:46 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-01-03 23:47:44 ----A---- C:\Windows\system32\nvcuda.dll
2015-01-03 23:47:42 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-01-03 23:47:36 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-01-03 23:47:35 ----A---- C:\Windows\system32\nvcompiler.dll
2015-01-03 23:47:34 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-01-03 23:46:50 ----A---- C:\Windows\system32\nvhdap64.dll
2015-01-03 23:46:50 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-01-03 23:45:33 ----A---- C:\Windows\system32\RtNicProp64.dll
2015-01-03 23:45:32 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2015-01-03 23:45:10 ----A---- C:\Windows\system32\drivers\RtsPStor.sys
2015-01-03 23:45:09 ----A---- C:\Windows\SYSWOW64\RsCRIcon.dll
2015-01-03 23:44:35 ----A---- C:\Windows\system32\drivers\btfilter.sys
2015-01-03 23:42:57 ----A---- C:\Windows\system32\drivers\athrx.sys
2015-01-03 23:21:22 ----D---- C:\Users\Vaio\AppData\Roaming\ProductData
2015-01-03 23:20:54 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2015-01-03 23:20:17 ----D---- C:\Users\Vaio\AppData\Roaming\Apple Computer
2015-01-03 23:19:23 ----D---- C:\ProgramData\ProductData
2015-01-03 23:13:51 ----D---- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-01-03 23:13:40 ----D---- C:\ProgramData\IObit
2015-01-03 23:12:58 ----D---- C:\Program Files (x86)\IObit
2015-01-03 23:12:55 ----D---- C:\Users\Vaio\AppData\Roaming\IObit
2015-01-02 12:30:23 ----D---- C:\Program Files (x86)\DiGiSauVer
2015-01-02 11:20:43 ----D---- C:\ProgramData\WindowsMangerProtect
2014-12-18 13:42:56 ----SHD---- C:\Config.Msi
2014-12-14 20:14:59 ----D---- C:\Users\Vaio\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-12-11 15:45:36 ----D---- C:\Windows\system32\appraiser
2014-12-11 14:32:56 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 14:32:52 ----A---- C:\Windows\system32\mf.dll
2014-12-10 14:48:54 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 14:41:51 ----A---- C:\Windows\system32\tzres.dll
2014-12-10 14:41:50 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-10 14:40:35 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 14:40:33 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 14:40:28 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 14:40:27 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 14:40:26 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 14:40:25 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 14:40:25 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 14:40:22 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 14:40:21 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 14:40:21 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 14:40:20 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 14:40:20 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-02 09:51:11 ----D---- C:\Users\Vaio\AppData\Roaming\Adobe Mini Bridge CS5
2014-12-02 09:51:09 ----D---- C:\Users\Vaio\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

======List of files/folders modified in the last 3 months======

2015-02-27 13:18:39 ----D---- C:\Windows\Prefetch
2015-02-27 13:18:29 ----D---- C:\Windows\Temp
2015-02-27 13:18:05 ----SHD---- C:\System Volume Information
2015-02-27 13:18:05 ----D---- C:\Program Files
2015-02-27 13:11:17 ----SHD---- C:\Windows\Installer
2015-02-27 13:07:33 ----D---- C:\Program Files (x86)\WinZipper
2015-02-27 13:07:25 ----D---- C:\Windows\winsxs
2015-02-27 13:06:45 ----D---- C:\Windows\system32\config
2015-02-25 11:31:51 ----D---- C:\Program Files (x86)\Steam
2015-02-21 06:36:52 ----D---- C:\Windows\system32\wdi
2015-02-20 14:24:23 ----D---- C:\Program Files (x86)\Origin
2015-02-18 17:23:39 ----D---- C:\Windows\rescache
2015-02-15 11:51:43 ----D---- C:\Users\Vaio\AppData\Roaming\uTorrent
2015-02-15 11:02:18 ----D---- C:\Users\Vaio\AppData\Roaming\Seznam.cz
2015-02-15 10:59:12 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-15 10:53:51 ----D---- C:\Windows
2015-02-15 10:52:18 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-15 10:52:18 ----D---- C:\Windows\SysWOW64
2015-02-15 10:52:17 ----D---- C:\Windows\system32\en-US
2015-02-15 10:52:17 ----D---- C:\Windows\System32
2015-02-15 10:35:16 ----D---- C:\Windows\system32\catroot2
2015-02-14 11:54:04 ----D---- C:\Users\Vaio\AppData\Roaming\Skype
2015-02-13 19:51:40 ----D---- C:\Windows\Microsoft.NET
2015-02-13 18:39:15 ----RSD---- C:\Windows\assembly
2015-02-13 18:19:45 ----D---- C:\Windows\SoftwareDistribution
2015-02-13 17:58:05 ----D---- C:\Windows\debug
2015-02-13 16:21:07 ----D---- C:\Program Files (x86)\McAfee
2015-02-13 16:14:09 ----SD---- C:\Windows\system32\CompatTel
2015-02-13 16:13:56 ----D---- C:\Windows\system32\cs-CZ
2015-02-13 16:13:52 ----D---- C:\Program Files\Internet Explorer
2015-02-13 16:13:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-13 16:13:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-13 16:13:16 ----D---- C:\Windows\system32\drivers
2015-02-13 16:11:16 ----D---- C:\ProgramData\Package Cache
2015-02-13 16:07:03 ----D---- C:\ProgramData\Microsoft Help
2015-02-13 16:07:01 ----A---- C:\Windows\win.ini
2015-02-13 15:25:37 ----D---- C:\Windows\system32\MRT
2015-02-13 14:23:21 ----A---- C:\Windows\system32\MRT.exe
2015-02-13 13:56:56 ----SD---- C:\Users\Vaio\AppData\Roaming\Microsoft
2015-02-04 21:42:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-04 19:00:12 ----D---- C:\Windows\inf
2015-02-04 14:08:01 ----D---- C:\Windows\Logs
2015-02-03 18:09:10 ----D---- C:\Windows\Minidump
2015-02-02 22:38:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-31 03:05:06 ----SD---- C:\ProgramData\Microsoft
2015-01-29 13:36:26 ----D---- C:\Users\Vaio\AppData\Roaming\Origin
2015-01-29 13:36:18 ----D---- C:\ProgramData\Origin
2015-01-29 12:59:34 ----D---- C:\Program Files (x86)\Microsoft
2015-01-24 18:46:58 ----RD---- C:\Program Files (x86)
2015-01-24 18:34:33 ----D---- C:\Hry
2015-01-18 09:55:47 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-01-16 14:30:48 ----D---- C:\Users\Vaio\AppData\Roaming\WinZipper
2015-01-06 19:09:40 ----D---- C:\Windows\system32\DriverStore
2015-01-04 20:07:11 ----D---- C:\Users\Vaio\AppData\Roaming\NVIDIA
2015-01-04 11:31:43 ----D---- C:\ProgramData\DiGiSauVer
2015-01-04 11:30:21 ----D---- C:\Windows\system32\catroot
2015-01-04 00:20:08 ----D---- C:\Windows\ModemLogs
2015-01-04 00:20:07 ----D---- C:\Windows\Panther
2015-01-04 00:16:27 ----D---- C:\Users\Vaio\AppData\Roaming\Sony
2015-01-03 23:56:20 ----A---- C:\Windows\system32\deployJava1.dll
2015-01-03 23:54:51 ----D---- C:\Program Files (x86)\Common Files
2015-01-03 23:53:56 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2015-01-03 23:52:04 ----D---- C:\temp
2015-01-03 23:52:02 ----D---- C:\ProgramData\NVIDIA
2015-01-03 23:49:33 ----D---- C:\Program Files\NVIDIA Corporation
2015-01-03 23:47:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-01-03 23:47:35 ----A---- C:\Windows\system32\nvapi64.dll
2015-01-03 23:46:50 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2015-01-03 23:45:33 ----A---- C:\Windows\system32\RTNUninst64.dll
2015-01-03 23:25:44 ----D---- C:\Windows\system32\Tasks
2015-01-03 23:20:54 ----D---- C:\Windows\SYSWOW64\drivers
2015-01-03 23:19:23 ----D---- C:\ProgramData
2015-01-03 23:13:49 ----D---- C:\Windows\Tasks
2015-01-02 12:30:26 ----D---- C:\ProgramData\7b42119b4f829f4f
2014-12-27 15:59:14 ----D---- C:\Users\Vaio\AppData\Roaming\.minecraft
2014-12-23 00:41:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-20 11:59:15 ----D---- C:\ProgramData\Skype
2014-12-20 11:59:04 ----RD---- C:\Program Files (x86)\Skype
2014-12-16 15:48:31 ----RSD---- C:\Windows\Fonts
2014-12-11 15:45:39 ----D---- C:\Windows\AppCompat
2014-12-11 15:45:20 ----D---- C:\Windows\PolicyDefinitions

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-20 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-20 224896]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2012-01-12 437272]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2010-10-13 529128]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2010-10-13 283360]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-20 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-20 427360]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-03 26528]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2015-01-15 249000]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2015-01-15 99496]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2015-01-15 42152]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2015-01-15 93352]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2015-01-03 52392]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-20 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-20 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-20 92008]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2011-10-17 317776]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2015-01-03 3979776]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2011-04-29 29344]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2010-10-13 62800]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-29 1581184]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2010-10-13 121248]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2010-10-13 190136]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2010-10-13 441328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-01-03 197408]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2015-01-03 359128]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-03 941784]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-04-29 51872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-04-29 109216]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2011-04-29 166048]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2011-04-29 283296]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2015-01-03 590024]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-12-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version); C:\Windows\system32\DRIVERS\HPMo4DE3.sys [2011-03-09 25088]
S3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version); C:\Windows\System32\Drivers\HPub4DE3.sys [2011-04-12 18432]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys [2015-01-15 45224]
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2010-10-13 94864]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-20 50344]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2015-01-15 120128]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2015-02-12 155368]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-10-13 200056]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2010-10-13 149032]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-03 935232]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-03-20 76888]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2011-03-05 64704]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-12-10 2631456]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2010-08-09 220528]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2010-10-07 509416]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-20 1910640]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S4 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive check

#2 Post by Márty84 »

Hello :)

There's quite a lot in there :boxed:

:arrow: First of all, uninstall Advanced SystemCare and, if present, everything else from IObit. It can do more harm than good :roll:

:arrow: If you don't use them, uninstall Akamai and Seznam Software

:arrow: Uninstall one of the antivirus programs; you have both Avast and McAfee running. They fight each other and that does no good.


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Clean
The program will start working (the PC may restart) and will produce a log (otherwise it will be at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

TheLafroms
Visitor
Posts: 8
Joined: 27 Feb 2015 13:13
Location: Moravskoslezský Kraj

Re: Request for a preventive check

#3 Post by TheLafroms »

Thanks for the advice, I did everything step by step, hopefully correctly...

Here is the next log:

# AdwCleaner v4.111 - Logfile created 27/02/2015 at 23:36:02
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Vaio - SONY-VAIO
# Running from : C:\Users\Vaio\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : WindowsMangerProtect
Service Deleted : winzipersvc
Service Deleted : iSafeKrnlMon

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\~Browser Manager
Folder Deleted : C:\ProgramData\Babylon
[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\IePluginService
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\AllCheeaAiPPRiicoeo
Folder Deleted : C:\ProgramData\DDEalExxperEss
Folder Deleted : C:\ProgramData\DiGiSauVer
Folder Deleted : C:\ProgramData\ExSStrraSavings
Folder Deleted : C:\ProgramData\safe essave
Folder Deleted : C:\ProgramData\7b42119b4f829f4f
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\LSHunter.TV
Folder Deleted : C:\Program Files (x86)\Search Results Toolbar
Folder Deleted : C:\Program Files (x86)\SoftwareUpdater
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\Unitech LLC
Folder Deleted : C:\Program Files (x86)\WinZipper
[!] Folder Deleted : C:\Program Files (x86)\Elex-tech
Folder Deleted : C:\Program Files (x86)\DiGiSauVer
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\okitspace
Folder Deleted : C:\Users\Vaio\AppData\Local\Conduit
Folder Deleted : C:\Users\Vaio\AppData\Local\torch
Folder Deleted : C:\Users\Vaio\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Vaio\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Vaio\AppData\LocalLow\Unitech LLC
Folder Deleted : C:\Users\Vaio\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Vaio\AppData\Roaming\SupTab
Folder Deleted : C:\Users\Vaio\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Vaio\AppData\Roaming\Unitech LLC
Folder Deleted : C:\Users\Vaio\AppData\Roaming\WinZipper
[!] Folder Deleted : C:\Users\Vaio\AppData\Roaming\Elex-tech
Folder Deleted : C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV
[!] Folder Deleted : C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\freehdsport@freehdsport.tv.xpi
[!] Folder Deleted : C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\torntv@torntv.com.xpi
[!] Folder Deleted : C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx
Folder Deleted : C:\ProgramData\gjccfdcndlhigffagklmkldbdlkhoacc
File Deleted : C:\END
File Deleted : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\Drivers\iSafeNetFilter.sys
File Deleted : C:\Users\Vaio\daemonprocess.txt
File Deleted : C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\WebSearch.xml
File Deleted : C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
File Deleted : C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
File Deleted : C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage

***** [ Scheduled tasks ] *****

Task Deleted : PC SpeedUp Service Deactivator

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Vaio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [OKitSpace@OKitSpace.es]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lbidgdoiglndbjlcnnifemecdhnpeabo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\OKitSpace.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Key Deleted : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKCU\Software\e57d8d8b035e813
Key Deleted : HKLM\SOFTWARE\e57d8d8b035e813
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{ef0abbff}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{685F23D9-FCFD-475C-B56A-362645945C5A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{90A52F08-64AC-4DC6-9D7D-4516670275D3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A27F1D28-E4EE-A002-95FB-7C8F053893E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A27F1D28-E4EE-A002-95FB-7C8F053893E8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A27F1D28-E4EE-A002-95FB-7C8F053893E8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428A-92C9-0CFC28B9D1BF}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{48A95188-730A-46D5-9E9F-4174945B785B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{48A95188-730A-46D5-9E9F-4174945B785B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\iVIDI Plugin
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\Unitech LLC
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\dosearchessoftware
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\IePlugin
Key Deleted : HKLM\SOFTWARE\iLividSRTB
Key Deleted : HKLM\SOFTWARE\OKitSpace
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Unitech LLC
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\Vittalia
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKLM\SOFTWARE\Wpm
Key Deleted : HKLM\SOFTWARE\Elex-tech
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ividi
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:0

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[0\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[0\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[0\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={BE7C5070-9DCE-4517-B564-4FFE24461085}&mid=2f8b95ff6ab247d0be38a9cd7a192bd9-d23cb62fc772c3114ff316434bf85a48eb849805&lang=cs&ds=AVG&p[...]
[0\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.mocaflix.com/");
[0\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.mocaflix.com/?l=1&q=");
[0\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[0\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={BE7C5070-9DCE-4517-B564-4FFE24461085}&mid=2f8b95ff6ab247d0be38a9cd7a192bd9-d23cb62fc772c3114ff316434bf85a48eb849805&lang=cs&ds=AVG&pr=fr&d=[...]

-\\ Google Chrome v39.0.2171.95

[C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ividi.org/?q={searchTerms}&src=tbsp&id=ea61494b00000000000064273799a7b7&affilt=3
[C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.mocaflix.com/?l=1&q={searchTerms}
[C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.mocaflix.com/?l=1&q={searchTerms}
[C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... 273799A7B7
[C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=vit&utm_campaign=eXQ&utm_content=ds&from=vit&uid=HitachiXHTS547575A9E384_J2540054JPY30EJPY30EX&ts=1383050104&type=default&q={searchTerms}
[C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=209&systemid=488&v=n12521-390&apn_uid=3845210090244110&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
[C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1420194055&from=wpm12311&uid=HitachiXHTS547575A9E384_J2540054JPY30EJPY30EX&q={searchTerms}
[C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1423491752&fr ... Y5LmNvbQ==

*************************

AdwCleaner[R0].txt - [25631 bytes] - [27/02/2015 23:24:37]
AdwCleaner[S0].txt - [23467 bytes] - [27/02/2015 23:36:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23527 bytes] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check

#4 Post by Márty84 »

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch, the license terms are displayed; press any key
  • A backup will be created, followed by a search
  • The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako spravce)
  • Paste the script below into the window
  • Code:

    autoclean;
    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

TheLafroms
Visitor
Posts: 8
Joined: 27 Feb 2015 13:13
Location: Moravskoslezský Kraj

Re: Requesting a preventive check

#5 Post by TheLafroms »

JRT LOG -

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Vaio on so 28.02.2015 at 10:22:19,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1A231098-9625-453C-B07A-3152FE33095A}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2005D524-C2E1-46F8-8C16-32D8302734E6}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{48A95188-730A-46D5-9E9F-4174945B785B}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2005D524-C2E1-46F8-8C16-32D8302734E6}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63FC8E0B-A4EA-8D5C-213D-75007DAA9233}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{63FC8E0B-A4EA-8D5C-213D-75007DAA9233}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{2005D524-C2E1-46F8-8C16-32D8302734E6}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63FC8E0B-A4EA-8D5C-213D-75007DAA9233}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{63FC8E0B-A4EA-8D5C-213D-75007DAA9233}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2005D524-C2E1-46F8-8C16-32D8302734E6}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Failed to delete: [Folder] "C:\Users\Vaio\AppData\Roaming\elex-tech"
Successfully deleted: [Folder] "C:\Users\Vaio\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Vaio\appdata\locallow\datamngr"
Failed to delete: [Folder] "C:\Program Files (x86)\elex-tech"
Successfully deleted: [Empty Folder] C:\Users\Vaio\appdata\local\{ECF25BEB-F0CD-4240-A09C-8AE87A455BE6}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 28.02.2015 at 10:30:54,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




Zoek LOG -

Zoek.exe v5.0.0.0 Updated 26-February-2015
Tool run by Vaio on so 28.02.2015 at 10:42:26,15.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vaio\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28.2.2015 10:45:43 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\ArcSoft deleted successfully
C:\PROGRA~2\Realtek deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~3\4shared Desktop deleted successfully
C:\PROGRA~3\TurboNet deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\Vaio\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Vaio\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{73d50225-04ec-4493-93c8-bf88be8dd196} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js:

Added to C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\ArcSoft not found
C:\PROGRA~2\Realtek not found
C:\PROGRA~2\Seznam.cz not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\Users\Vaio\AppData\LocalLow\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted
C:\Users\Vaio\AppData\LocalLow\{6BD665FE-E37A-4626-E849-963BFE75B876} deleted
C:\Users\Vaio\AppData\LocalLow\{87DE954C-4BB0-B4E1-AF3A-691EBE0165C9} deleted
C:\Users\Vaio\AppData\LocalLow\{D7879E3D-6CDC-35A9-7C3F-6DAC36AB8FEF} deleted
C:\Users\Vaio\AppData\Local\Packages\windows_ie_ac_001\AC\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted
C:\Users\Vaio\AppData\Local\Packages\windows_ie_ac_001\AC\{6BD665FE-E37A-4626-E849-963BFE75B876} deleted
C:\Users\Vaio\AppData\Local\Packages\windows_ie_ac_001\AC\{87DE954C-4BB0-B4E1-AF3A-691EBE0165C9} deleted
C:\Users\Vaio\AppData\Local\Packages\windows_ie_ac_001\AC\{94C7A5A0-18A9-1DD8-8B46-942876EC255D} deleted
C:\Users\Vaio\AppData\Local\Packages\windows_ie_ac_001\AC\{D7879E3D-6CDC-35A9-7C3F-6DAC36AB8FEF} deleted
C:\PROGRA~3\RemoveAAdsTube deleted
C:\PROGRA~2\Vaio Experience Assistant deleted
C:\Combatarms_eu.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Vaio\AppData\Roaming\eCyber deleted
C:\Users\Vaio\AppData\Roaming\ProductData deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Mobogenie deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Windows\sysWoW64\config\systemprofile\Documents\Mobogenie deleted
"C:\PROGRA~3\ppgfpoohmldbggbpcgphbileefegeggk\ppgfpoohmldbggbpcgphbileefegeggk.crx" deleted
"C:\PROGRA~3\ppgfpoohmldbggbpcgphbileefegeggk\update.xml" deleted
"C:\PROGRA~3\ppgfpoohmldbggbpcgphbileefegeggk" deleted
"C:\Users\Vaio\AppData\LocalLow\4shared.com_WI2" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\0
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20.07.2014 11:35]

==== Firefox Extensions ======================

ExtDir: C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- GoPhotoIt - %ExtDir%\gophoto@gophoto.it.xpi

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Possible outdated, latest Stable version: 40.0.2214.115)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bbjhkdmplcjgfanmmlengfnnebkoigea - C:\Users\Vaio\AppData\Local\CRE\bbjhkdmplcjgfanmmlengfnnebkoigea.crx[]
egdcghingbgoolmjnogamfeaochimegh - C:\ProgramData\SaveAs\egdcghingbgoolmjnogamfeaochimegh.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20.07.2014 11:34]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 17:22]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjhkdmplcjgfanmmlengfnnebkoigea - C:\Users\Vaio\AppData\Local\CRE\bbjhkdmplcjgfanmmlengfnnebkoigea.crx[]

Nordic Forest - Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\amekpplpfocpmaimnmgfjoibodpjedie
AdBlock - Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Fix ======================

C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.qone8.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_browsetosave.info_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.adbutter.net_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.addtoany.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.adtaily.pl_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.earthcamcdn.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.me.zing.vn_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.tumblr.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_t.goadservices.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_assassins-creed-3-trailer.en.softonic.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pes-2012.en.softonic.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_omigaplus.inspsearch.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.cz/?gws_rd=ssl"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.delta-homes.com/?utm_source= ... 1393443704"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.delta-homes.com/?utm_source= ... 1393443704"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.cz/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="Not_Found"
{0D2228F5-2708-4E24-B421-3DDC34C13146} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="http://www.delta-search.com/?q={searchT ... 273799A7B7"
{1A231098-9625-453C-B07A-3152FE33095A} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_12454"
{2005D524-C2E1-46F8-8C16-32D8302734E6} Dogpile Url="http://www.dogpile.com/search/web?fcoid ... earchTerms}"
{33BB0A4E-99AF-4226-BDF6-49120163DE86} delta-homes Url="http://search.delta-homes.com/web/?type ... earchTerms}"
{425ED333-6083-428a-92C9-0CFC28B9D1BF} V9 Url="http://www.v9.com/web?type=ds&ts=142349 ... earchTerms}"
{429A3A86-3928-40C1-B2AC-3A37131DA792} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"
{48A95188-730A-46D5-9E9F-4174945B785B} Search Url="http://search.ividi.org/?q={searchTerms ... lt=3&r=932"
{55319D9C-C1F2-4ED9-82AC-912AF0C2A5D5} Slovník EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{96EAB9F3-0A03-4869-9037-92ACA4E96AB2} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Unknown Url="Not_Found"
{A4CA16F0-11DB-4EF1-9A97-2E245E9A6524} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
{D3AC24BE-67B5-426D-AE59-5B230B2A882E} Slovník CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{DB0D43DF-E73E-48D7-B5DF-3736CBF95EAE} eBay Url="http://rover.ebay.com/rover/1/14361-113 ... earchTerms}"
{DFA217F2-B634-4049-81F4-5E7683D62C0C} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12454"
{EA2E2BA3-CC8A-4643-8B11-AB5C83483475} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Preferences will be reset at reboot
C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted successfully
HKEY_USERS\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E36436F-86D0-6FA3-D896-2DA98074B23F} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FAB3694E-AC7D-2648-C4A3-E45F21504BB8} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{53CFB8AA-9803-E7B5-B02B-4162B6202124} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8F65D99F-6A5B-A7F9-F6A3-E74020DD2AEE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2E201DB-E893-99EB-CF6C-6B3D53CECA06} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbjhkdmplcjgfanmmlengfnnebkoigea deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\egdcghingbgoolmjnogamfeaochimegh deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bbjhkdmplcjgfanmmlengfnnebkoigea deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vaio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vaio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=482 folders=99 3537002548 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\SONY\AppData\Local\temp emptied successfully
C:\Users\Vaio\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Vaio\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Preferences" not found
"C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on so 28.02.2015 at 12:27:11,95 ======================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check

#6 Post by Márty84 »

Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it occasionally produces false detections.

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

TheLafroms
Visitor
Posts: 8
Registered: 27 Feb 2015 13:13
Location: Moravskoslezský Kraj

Re: Requesting a preventive check

#7 Post by TheLafroms »

Here is the log; if English is a problem, I'll gladly redo it in Czech ...

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28.2.2015
Scan Time: 13:14:12
Logfile: log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.28.02
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Vaio

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 789414
Time Elapsed: 6 hr, 7 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 16
PUP.Optional.Babylon.A, HKU\S-1-5-21-2031072889-3319558428-2376867894-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [8c46ef347713b581f254d73caf54a45c],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, , [1fb34ad9a9e1ba7c32074709d62d0bf5],
PUP.Optional.iVIDI.A, HKLM\SOFTWARE\CLASSES\esrv.ividiESrvc, , [d4fe67bc761442f4f881569054af25db],
PUP.Optional.iVIDI.A, HKLM\SOFTWARE\CLASSES\esrv.ividiESrvc.1, , [b71b6cb7d1b970c6d7a219cd40c3a65a],
PUP.Optional.Ividi.A, HKLM\SOFTWARE\CLASSES\ividi.ividiappCore, , [2ea474af9af0f93d6a35d217c043629e],
PUP.Optional.Ividi.A, HKLM\SOFTWARE\CLASSES\ividi.ividiappCore.1, , [52802bf8aae069cd76295f8aa063c937],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [b51d5ec5cdbd0630d2e58e7c31d405fb],
PUP.Optional.iVIDI.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.ividiESrvc, , [636ffc276327d363780129bdbf44ab55],
PUP.Optional.iVIDI.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.ividiESrvc.1, , [daf853d0bcce93a36415c02619eaaa56],
PUP.Optional.Ividi.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ividi.ividiappCore, , [369c5dc6127879bd9f0044a5887bac54],
PUP.Optional.Ividi.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ividi.ividiappCore.1, , [ce04aa79becc1323fea1b03908fb31cf],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [b2200e150981be78793e0efcd530ca36],
PUP.Optional.FastSearchings, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [745e2bf8abdf1a1c5efa62be3acb51af],
PUP.Optional.SoftwareUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\srvBrowserProtect, , [5a7871b28604ba7c9ee6e4c7a55eff01],
PUP.Optional.Ividi.A, HKU\S-1-5-21-2031072889-3319558428-2376867894-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI.org, , [ddf5d152e5a5fb3b9a0bd217be45b64a],
PUP.Optional.Qone8, HKU\S-1-5-21-2031072889-3319558428-2376867894-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [369cce550a8032043185858526df639d],

Registry Values: 0
(No malicious items detected)

Registry Data: 5
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://go.microsoft.com/fwlink/?LinkId= ... 1393443704, Good: (www.google.com), Bad: (http://go.microsoft.com/fwlink/?LinkId= ... 1393443704),,[e8eaa97a5b2fda5c4769dafabb4a2ed2]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://search.delta-homes.com/web/?type ... earchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type ... earchTerms}),,[7d553de66525979fd7db5183c24345bb]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://search.delta-homes.com/web/?type ... earchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type ... earchTerms}),,[d9f9b76c6d1d79bdcfe564708f76d828]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?utm_source= ... 1393443704, Good: (www.google.com), Bad: (http://www.delta-homes.com/?utm_source= ... 1393443704),,[874b79aa5c2e7cbab2fa7064ca3b9c64]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://go.microsoft.com/fwlink/?LinkId= ... 1393443704, Good: (www.google.com), Bad: (http://go.microsoft.com/fwlink/?LinkId= ... 1393443704),,[8b4739ea98f233037f31676d1ce99769]

Folders: 0
(No malicious items detected)

Files: 32
PUP.RiskwareTool.CK, C:\Adobe After Effects CS6\Adobe After Effects CS6 11.0.0.378 LS7 Multilanguage [ChingLiu]\Cracked dll\amtlib.dll, , [e4ee68bbaedccb6b4c63efbbc53de51b],
PUP.Optional.Vittalia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.vir, , [478bde453b4f3df9bc104b7a53ae5fa1],
PUP.Optional.Vittalia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\KeyGen.dll.vir, , [31a1a0833852f343a8e139a8df228779],
PUP.Optional.Vittalia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\uninstall.exe.vir, , [02d064bfdfab1323dafabd8e07fbdc24],
PUP.Optional.Vittalia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\UpdaterService.exe_old.vir, , [9a3869bae7a3979f07c4903511f00000],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir, , [983add46dfabff37644e017ea65bd030],
PUP.Optional.Montiera, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiApp.dll.vir, , [f8da0221f69464d219d2b59d45bca45c],
PUP.Optional.Montiera, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiEng.dll.vir, , [5d754bd8acde2c0a6586e2703dc46898],
PUP.Optional.Montiera, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividisrv.exe.vir, , [e6ec52d1fb8fee48519a1c36cf32d42c],
PUP.Optional.Montiera, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll.vir, , [89492102c1c9280e3daebb97669b7789],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\AllCheeaAiPPRiicoeo\oIuDI.x64.dll.vir, , [686a38ebb5d5e45255597af9b54c14ec],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\DDEalExxperEss\n.x64.dll.vir, , [e1f19c873c4ec37306a8383b9869f30d],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\ExSStrraSavings\27z.x64.dll.vir, , [d7fb80a38901a78f9d11d79c7a87db25],
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir, , [cd0572b12862bb7b11a180ff6e933ec2],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\safe essave\51f02081e385d.dll.vir, , [9240051eff8b2a0c142676ba8f726d93],
PUP.Optional.MultiPlug.A, C:\AdwCleaner\Quarantine\C\ProgramData\safe essave\51f022813f983.dll.vir, , [9c36b86bf892b77f87b3af81e021c33d],
PUP.Optional.WpManager, C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir, , [537ff92a90fab68073f8ccbedf229f61],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Users\Vaio\AppData\Roaming\SupTab\SupTab.dll.vir, , [478bfd268307aa8c804aeb4af9077d83],
PUP.Optional.Adload, C:\AdwCleaner\Quarantine\C\Users\Vaio\AppData\Roaming\WinZipper\update\zip_update_v1.5.83.exe.vir, , [d002c65d14766bcbb1aa3ae610f223dd],
PUP.Optional.Vittalia, C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\config\systemprofile\AppData\Roaming\okitspace\protect\updateSrv\PluginProtect.exe.vir, , [3999a281a0ea0a2c9fef6ffb0ef3cb35],
PUP.Optional.MultiPlug, C:\Qoobox\Quarantine\C\ProgramData\ExsTraCoouipona\TIk7.dll.vir, , [2fa326fdd9b17eb838f7991f14ed7c84],
PUP.Optional.MultiPlug, C:\Qoobox\Quarantine\C\ProgramData\ExsTraCoouipona\TIk7.x64.dll.vir, , [eee4cf54bdcd79bdc26e36825ca5a55b],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll, , [25ad2cf7bbcf2a0c515e6c3e13ef7888],
RiskWare.Tool.CK, C:\Program Files (x86)\Attomey\metin2client.bin, , [18baeb38e1a9b38344733f33a15f0df3],
RiskWare.Tool.CK, C:\Program Files (x86)\Attomey\metin2client.exe, , [ede565be4b3f999d61562b47c63af50b],
PUP.Optional.OneClickDownloader.A, C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000, , [755d0023f397340292f972c9fd04857b],
RiskWare.Tool.CK, C:\Users\Vaio\Downloads\metin2client.bin, , [f6dcca599feb4aecbff81d557d8324dc],
Flooder.SpamBot, C:\Users\Vaio\Downloads\â?a Instalace & Hry â?a\WinRARy\Switch-Bot.rar, , [0ac8ab787a107db92fead504a957768a],
PUP.Optional.MultiPlug.A, C:\zoek_backup\C_PROGRA~3_RemoveAAdsTube\lp.dll, , [12c0ea395832ba7ce9c5254e857cbf41],
PUP.Optional.MultiPlug.A, C:\zoek_backup\C_PROGRA~3_RemoveAAdsTube\lp.x64.dll, , [b61c0c177a10da5c7d311c571ee3c040],
Adware.Agent, C:\zoek_backup\C_PROGRA~3_InstallMate\{461E27D5-60D8-4D4F-AFA4-28FA9DFD0523}\Custom.dll, , [785aaf74038741f5d9870a6e946d669a],
Adware.Agent, C:\zoek_backup\C_PROGRA~3_InstallMate\{473D4ECB-D96C-4BE4-A90F-914E9CDE6C3D}\Custom.dll, , [a032f42f9ded81b5e7790f69b948cc34],

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check

#8 Post by Márty84 »

English is no problem :)

Move all findings to quarantine. After restarting the PC, repeat the MBAM scan so we know whether it comes back. Post the scan result and I will choose the next steps based on it.

TheLafroms
Visitor
Posts: 8
Registered: 27 Feb 2015 13:13
Location: Moravskoslezský Kraj

Re: Requesting a preventive check

#9 Post by TheLafroms »

I moved all findings to quarantine, restarted the PC, and repeated the MBAM scan, here:

This time there was no "Export Log" button, so I did not get a log in .txt format.
Instead it said: MBAM has finished scanning your computer. The scan completed successfully. No threats were detected.
Should I delete the files from quarantine? What next? :)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check

#10 Post by Márty84 »

TheLafroms wrote: Should I delete the files from quarantine?
You can.


Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

TheLafroms
Visitor
Posts: 8
Registered: 27 Feb 2015 13:13
Location: Moravskoslezský Kraj

Re: Requesting a preventive check

#11 Post by TheLafroms »


Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check

#12 Post by Márty84 »

It is caused by this http://forum.viry.cz/viewtopic.php?f=31 ... 5#p1383445

If it still does not work, post a log from FRST only, without using the Launcher.

TheLafroms
Visitor
Posts: 8
Registered: 27 Feb 2015 13:13
Location: Moravskoslezský Kraj

Re: Requesting a preventive check

#13 Post by TheLafroms »

Sorry for the inactivity, here is the log :-)




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Vaio (administrator) on SONY-VAIO on 11-03-2015 13:54:40
Running from C:\Users\Vaio\Desktop
Loaded Profiles: Vaio (Available profiles: Vaio)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKU\S-1-5-21-2031072889-3319558428-2376867894-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Vaio\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-2031072889-3319558428-2376867894-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-2031072889-3319558428-2376867894-1001\...\Run: [uTorrent] => C:\Users\Vaio\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe [1374032 2015-02-03] (BitTorrent Inc.)
HKU\S-1-5-21-2031072889-3319558428-2376867894-1001\...\Run: [GoogleChromeAutoLaunch_89795E3EB0F087CBFC7DD184DE478512] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2031072889-3319558428-2376867894-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [.DEFAULT] => 80.242.214.149:3128
ProxyServer: [S-1-5-19] => http=127.0.0.1:0
ProxyServer: [S-1-5-20] => http=127.0.0.1:0
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... ar=msnhome
HKU\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
HKU\S-1-5-21-2031072889-3319558428-2376867894-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
URLSearchHook: HKLM-x32 - (No Name) - {73d50225-04ec-4493-93c8-bf88be8dd196} - No File
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/web?type=ds&ts=142349 ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {2005D524-C2E1-46F8-8C16-32D8302734E6} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/web?type=ds&ts=142349 ... earchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL =
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {0D2228F5-2708-4E24-B421-3DDC34C13146} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {1A231098-9625-453C-B07A-3152FE33095A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {2005D524-C2E1-46F8-8C16-32D8302734E6} URL = http://www.dogpile.com/search/web?fcoid ... earchTerms}
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/web?type=ds&ts=142349 ... earchTerms}
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {429A3A86-3928-40C1-B2AC-3A37131DA792} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {48A95188-730A-46D5-9E9F-4174945B785B} URL = http://search.ividi.org/?q={searchTerms ... lt=3&r=932
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {55319D9C-C1F2-4ED9-82AC-912AF0C2A5D5} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {96EAB9F3-0A03-4869-9037-92ACA4E96AB2} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {A4CA16F0-11DB-4EF1-9A97-2E245E9A6524} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {D3AC24BE-67B5-426D-AE59-5B230B2A882E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {DB0D43DF-E73E-48D7-B5DF-3736CBF95EAE} URL = http://rover.ebay.com/rover/1/14361-113 ... earchTerms}
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {DFA217F2-B634-4049-81F4-5E7683D62C0C} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKU\S-1-5-21-2031072889-3319558428-2376867894-1001 -> {EA2E2BA3-CC8A-4643-8B11-AB5C83483475} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
BHO: ExSStrraSavings -> {6BD665FE-E37A-4626-E849-963BFE75B876} -> C:\ProgramData\ExSStrraSavings\27z.x64.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2015-01-03] (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-20] (AVAST Software)
BHO: DDEalExxperEss -> {94C7A5A0-18A9-1DD8-8B46-942876EC255D} -> C:\ProgramData\DDEalExxperEss\n.x64.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: AllCheeaAiPPRiicoeo -> {D7879E3D-6CDC-35A9-7C3F-6DAC36AB8FEF} -> C:\ProgramData\AllCheeaAiPPRiicoeo\oIuDI.x64.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2015-01-03] (Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2015-01-03] (Sun Microsystems, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-20] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-01-03] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll [2015-01-03] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2015-01-03] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-02-11] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\SysWOW64\npdeployJava1.dll [2015-01-03] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2015-01-03] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2013-11-29] (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2014-11-14] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-28] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-02-11] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-07]

Chrome:
=======
CHR HomePage: Default -> hxxp://csgolounge.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSearchKeyword: Default -> v9
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-02]
CHR Extension: (Google Drive) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-02]
CHR Extension: (YouTube) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-03]
CHR Extension: (Steam inventory helper) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-03-09]
CHR Extension: (Google Search) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-02]
CHR Extension: (Google Sheets) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-02]
CHR Extension: (AdBlock) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-30]
CHR Extension: (Avast Online Security) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-15] (Elex do Brasil Participações Ltda)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-20] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1021112 2011-03-30] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-20] ()
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-03] (REALiX(tm))
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [249000 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [42152 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [93352 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-01-03] (Elex do Brasil Participações Ltda)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 13:54 - 2015-03-11 13:56 - 00028554 _____ () C:\Users\Vaio\Desktop\FRST.txt
2015-03-11 13:53 - 2015-03-11 13:53 - 00000000 ____D () C:\Users\Vaio\Desktop\FRST-OlderVersion
2015-03-08 17:12 - 2015-03-08 18:21 - 00000177 _____ () C:\Users\Vaio\Desktop\SCIO.txt
2015-03-06 18:35 - 2015-03-11 13:54 - 00000000 ____D () C:\FRST
2015-03-04 15:22 - 2015-03-11 13:53 - 02095616 _____ (Farbar) C:\Users\Vaio\Desktop\FRST64.exe
2015-02-28 18:33 - 2015-02-28 18:33 - 00000000 ____D () C:\Users\Vaio\AppData\Roaming\Publish Providers
2015-02-28 13:13 - 2015-03-04 15:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-28 13:12 - 2015-02-28 13:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-28 13:12 - 2015-02-28 13:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-28 13:12 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-28 13:12 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-28 13:12 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-28 12:40 - 2015-02-28 12:40 - 00000000 ____D () C:\Users\Vaio\AppData\Local\VirtualStore
2015-02-28 11:28 - 2015-02-28 10:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-28 11:16 - 2015-02-28 11:16 - 00000000 ____D () C:\Users\Vaio\AppData\Roaming\eCyber
2015-02-28 11:11 - 2015-02-28 12:27 - 00000000 ____D () C:\zoek
2015-02-28 10:44 - 2015-02-28 12:27 - 00022924 _____ () C:\zoek-results.log
2015-02-28 10:41 - 2015-02-28 12:23 - 00000000 ____D () C:\zoek_backup
2015-02-27 23:53 - 2015-01-03 09:57 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-02-27 23:50 - 2015-02-27 23:50 - 00000000 ____D () C:\Users\Vaio\AppData\Roaming\Elex-tech
2015-02-27 23:24 - 2015-02-27 23:40 - 00000000 ____D () C:\AdwCleaner
2015-02-27 23:23 - 2015-02-27 23:23 - 02126848 _____ () C:\Users\Vaio\Desktop\adwcleaner_4.111.exe
2015-02-27 13:23 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-27 13:23 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-27 13:23 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-27 13:23 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-27 13:18 - 2015-02-27 13:19 - 00000000 ____D () C:\rsit
2015-02-27 13:18 - 2015-02-27 13:18 - 00000000 ____D () C:\Program Files\trend micro
2015-02-27 13:18 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-27 13:18 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-20 22:37 - 2015-02-20 22:37 - 00000000 ____D () C:\Users\Vaio\AppData\Local\Steam
2015-02-15 10:53 - 2015-03-05 14:04 - 00450654 _____ () C:\Windows\PFRO.log
2015-02-14 23:05 - 2015-03-08 11:26 - 00000672 _____ () C:\Windows\setupact.log
2015-02-14 23:05 - 2015-02-14 23:05 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-14 10:34 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-14 10:34 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-14 10:34 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-14 10:34 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 15:40 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 15:39 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 15:39 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 15:39 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 15:39 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 15:39 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 15:39 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 15:36 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-12 15:36 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-12 15:36 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-12 15:36 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-12 15:36 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-12 15:36 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-12 15:36 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-12 15:36 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-12 15:29 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 15:29 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 15:29 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 15:29 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 15:29 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 15:29 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 15:29 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 15:29 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 15:29 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 15:29 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 15:29 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 15:29 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 15:29 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 15:29 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 15:24 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 15:24 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 15:24 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 15:24 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 15:24 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 15:24 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 15:24 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 15:24 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 15:24 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 15:24 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 15:24 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 15:24 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 15:24 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 15:24 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 15:24 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 15:24 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 15:23 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 15:23 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 15:23 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 15:23 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 15:23 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 15:23 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 15:23 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 15:23 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 15:23 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 15:23 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 15:23 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 15:23 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 15:23 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 15:23 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 15:23 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 15:23 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 15:23 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 15:23 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 15:23 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 15:23 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 15:23 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 15:23 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 15:23 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 15:23 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 15:23 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 15:23 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 15:23 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 15:23 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 15:23 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 15:23 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 15:23 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 15:22 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 15:22 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 15:22 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 15:22 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 15:22 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 15:21 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 15:21 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 15:20 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 15:20 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 15:20 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 15:20 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 15:20 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 15:20 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 15:20 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 15:20 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 15:19 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 15:19 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 15:19 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 15:19 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 15:19 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 15:19 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 15:19 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 15:19 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 15:19 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 15:19 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 15:13 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 15:13 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 15:12 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 15:12 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 15:06 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 15:06 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 15:05 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 13:54 - 2012-05-29 16:57 - 01504782 _____ () C:\Windows\WindowsUpdate.log
2015-03-11 13:53 - 2013-10-30 20:21 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-11 13:51 - 2014-02-25 16:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-11 13:46 - 2013-01-12 18:58 - 00000000 ____D () C:\Users\Vaio\AppData\Local\Adobe
2015-03-11 13:45 - 2013-10-30 20:21 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-11 13:44 - 2014-02-07 20:21 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-11 13:44 - 2013-10-29 13:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-08 19:42 - 2013-05-26 13:02 - 00000000 ____D () C:\Users\Vaio\Desktop\▪ Songy ♬ ▪
2015-03-08 11:37 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-08 11:37 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-08 11:30 - 2012-11-16 15:58 - 00000000 ____D () C:\Users\Vaio\AppData\Roaming\uTorrent
2015-03-08 11:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 15:11 - 2014-02-26 21:47 - 00007436 _____ () C:\test.xml
2015-03-01 18:51 - 2014-06-27 08:22 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-01 17:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system
2015-03-01 17:43 - 2013-04-19 10:04 - 00000000 ____D () C:\Program Files (x86)\Attomey
2015-03-01 11:47 - 2012-10-04 18:53 - 00000000 ____D () C:\Users\Vaio\Downloads\▪ Blboviny ▪
2015-03-01 10:59 - 2012-08-18 16:24 - 00000000 ____D () C:\Users\Vaio\AppData\Local\CrashDumps
2015-02-28 22:42 - 2014-10-19 19:36 - 00001581 _____ () C:\Users\Vaio\Desktop\✖.txt
2015-02-28 17:10 - 2015-01-02 13:09 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-28 12:27 - 2014-02-01 22:19 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-02-28 12:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-28 11:31 - 2013-10-30 20:21 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-28 11:31 - 2013-10-30 20:21 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-28 11:16 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-27 23:52 - 2012-02-13 16:31 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-27 23:38 - 2015-01-16 15:02 - 00000000 ____D () C:\Windows\system32\log
2015-02-27 23:38 - 2013-11-27 07:24 - 00000927 _____ () C:\Users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-27 23:38 - 2012-08-18 15:41 - 00000000 ____D () C:\Users\Vaio
2015-02-27 23:20 - 2015-01-03 23:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-27 23:16 - 2012-05-29 17:00 - 00000000 ____D () C:\Users\SONY
2015-02-27 23:13 - 2013-03-19 17:45 - 00000000 ____D () C:\Users\Vaio\AppData\Roaming\Seznam.cz
2015-02-27 23:08 - 2015-01-03 23:20 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Vaio)
2015-02-27 13:47 - 2014-03-15 19:28 - 00000219 _____ () C:\Users\Vaio\Desktop\Counter-Strike Global Offensive.url
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-18 17:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 11:54 - 2012-08-20 14:44 - 00000000 ____D () C:\Users\Vaio\AppData\Roaming\Skype
2015-02-13 16:21 - 2009-07-14 05:45 - 05333528 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 16:14 - 2014-12-11 15:45 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-13 16:14 - 2014-05-07 15:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 16:07 - 2013-02-22 15:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 16:07 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2015-02-13 15:25 - 2013-07-13 14:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 14:23 - 2012-06-22 15:44 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-12-02 10:08 - 2014-12-16 16:13 - 0000132 _____ () C:\Users\Vaio\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2013-02-28 16:13 - 2013-02-28 16:17 - 0004608 _____ () C:\Users\Vaio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-23 12:16 - 2014-02-23 12:16 - 0002718 _____ () C:\Users\Vaio\AppData\Local\recently-used.xbel

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-16 17:24

==================== End Of Log ============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check

#14 Post by Márty84 »

Something has shown up there again in the meantime :roll:

Repeat the AdwCleaner step.

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will spit out a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

TheLafroms
Visitor
Posts: 8
Registered: 27 Feb 2015 13:13
Location: Moravskoslezský Kraj

Re: Requesting a preventive check

#15 Post by TheLafroms »

Here is the log; sorry again for the inactivity and for only replying now :-D

# AdwCleaner v4.113 - Logfile created 24/03/2015 at 17:10:26
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Vaio - SONY-VAIO
# Running from : C:\Users\Vaio\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : iSafeKrnl
[#] Service Deleted : iSafeKrnlBoot
Service Deleted : iSafeKrnlKit
Service Deleted : iSafeKrnlR3
Service Deleted : iSafeNetFilter
[#] Service Deleted : iSafeService
Service Deleted : iSafeKrnlMon

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Program Files (x86)\Elex-tech
Folder Deleted : C:\Users\Vaio\AppData\Local\DM
Folder Deleted : C:\Users\Vaio\AppData\Roaming\eCyber
[!] Folder Deleted : C:\Users\Vaio\AppData\Roaming\Elex-tech
File Deleted : C:\Windows\System32\Drivers\iSafeNetFilter.sys

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428A-92C9-0CFC28B9D1BF}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{48A95188-730A-46D5-9E9F-4174945B785B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{48A95188-730A-46D5-9E9F-4174945B785B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\tinydm.com
Key Deleted : HKLM\SOFTWARE\Elex-tech
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [25631 bytes] - [27/02/2015 23:24:37]
AdwCleaner[R1].txt - [2885 bytes] - [24/03/2015 16:01:30]
AdwCleaner[R2].txt - [2944 bytes] - [24/03/2015 16:41:07]
AdwCleaner[S0].txt - [23752 bytes] - [27/02/2015 23:36:02]
AdwCleaner[S1].txt - [2871 bytes] - [24/03/2015 17:10:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2930 bytes] ##########

Locked