Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pocitac ide pomaly no nie je vytazeny

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#16 Příspěvek od GAMELASTER »

ComboFix 15-08-06.01 - diviak . 08. 2015 11:45:18.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3037.1600 [GMT 2:00]
Running from: c:\users\diviak\Desktop\ComboFix.exe
Command switches used :: c:\users\diviak\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cd607a4c9a22cb.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1ca30d04c6389b8.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf523bb685f195.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf6b9aa7cc50e2.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d02f4d4204f075.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d043071fb3c688.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d0bff068180956.job"
"c:\windows\Tasks\Norton Security Scan for diviak.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\McAfee Security Scan
c:\program files\McAfee Security Scan\3.11.149\AVScanComponent.dll
c:\program files\McAfee Security Scan\3.11.149\AVScanner.ini
c:\program files\McAfee Security Scan\3.11.149\avvclean.dat
c:\program files\McAfee Security Scan\3.11.149\avvnames.dat
c:\program files\McAfee Security Scan\3.11.149\avvscan.dat
c:\program files\McAfee Security Scan\3.11.149\config.dat
c:\program files\McAfee Security Scan\3.11.149\ftconfig.ini
c:\program files\McAfee Security Scan\3.11.149\McAfee.ico
c:\program files\McAfee Security Scan\3.11.149\mcbrwsr2.dll
c:\program files\McAfee Security Scan\3.11.149\MCCompHostConfig.ini
c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe
c:\program files\McAfee Security Scan\3.11.149\McInstallerRes.dll
c:\program files\McAfee Security Scan\3.11.149\McInstallerRes_LD.dll
c:\program files\McAfee Security Scan\3.11.149\McInstallerStartup.dll
c:\program files\McAfee Security Scan\3.11.149\mcscan32.dll
c:\program files\McAfee Security Scan\3.11.149\McUICnt.exe
c:\program files\McAfee Security Scan\3.11.149\McUpdater.dll
c:\program files\McAfee Security Scan\3.11.149\sa_cache_sqlite.dll
c:\program files\McAfee Security Scan\3.11.149\sa_http_win32.dll
c:\program files\McAfee Security Scan\3.11.149\sa_mbl.dll
c:\program files\McAfee Security Scan\3.11.149\sa_store_sqlite.dll
c:\program files\McAfee Security Scan\3.11.149\sacore.db
c:\program files\McAfee Security Scan\3.11.149\sacore.dll
c:\program files\McAfee Security Scan\3.11.149\sacoredata\uds_filetypes.txt
c:\program files\McAfee Security Scan\3.11.149\sacoredata\uds_hosting.txt
c:\program files\McAfee Security Scan\3.11.149\sacoredata\uds_tlds.txt
c:\program files\McAfee Security Scan\3.11.149\SecurityScanner.dll
c:\program files\McAfee Security Scan\3.11.149\SecurityScanner_LD.dll
c:\program files\McAfee Security Scan\3.11.149\signlic.txt
c:\program files\McAfee Security Scan\3.11.149\sqlite3.dll
c:\program files\McAfee Security Scan\3.11.149\SSScheduler.exe
c:\program files\McAfee Security Scan\3.11.149\uninstaller.ini
c:\program files\McAfee Security Scan\3.11.149\WebInfoScanner.dll
c:\program files\McAfee Security Scan\3.11.149\WMIScanner.dll
c:\program files\McAfee Security Scan\uninstall.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_BBUpdate
-------\Service_McComponentHostService
.
.
((((((((((((((((((((((((( Files Created from 2015-07-08 to 2015-08-08 )))))))))))))))))))))))))))))))
.
.
2015-08-07 14:21 . 2015-08-07 14:21 -------- d-----w- c:\users\diviak\AppData\Roaming\HD Tune Pro
2015-08-07 14:21 . 2015-08-07 14:21 -------- d-----w- c:\program files\HD Tune Pro
2015-08-07 14:14 . 2015-08-07 14:14 -------- d-----w- c:\windows\system32\wbem\Framework
2015-08-07 14:14 . 2015-08-07 14:14 39168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BABA7280-8A5F-4B54-930B-536416FCAB9F}\MpKsle6033213.sys
2015-08-07 12:38 . 2015-08-07 12:38 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BABA7280-8A5F-4B54-930B-536416FCAB9F}\offreg.804.dll
2015-08-07 09:08 . 2015-07-01 14:41 912000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4043178-625C-43D8-822A-89BBCC57B46D}\gapaengine.dll
2015-08-07 09:05 . 2015-07-15 01:33 9252608 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BABA7280-8A5F-4B54-930B-536416FCAB9F}\mpengine.dll
2015-08-06 20:13 . 2015-07-15 01:33 9252608 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-08-06 09:48 . 2015-08-07 12:39 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-06 09:47 . 2015-08-06 09:47 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-08-06 09:47 . 2015-08-06 09:47 -------- d-----w- c:\programdata\Malwarebytes
2015-08-06 09:47 . 2015-06-18 06:41 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-08-06 09:47 . 2015-06-18 06:41 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-08-06 09:47 . 2015-06-18 06:41 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-08-06 09:31 . 2015-08-07 08:55 -------- d-----w- C:\AdwCleaner
2015-08-05 08:52 . 2015-08-05 08:53 -------- d-----w- C:\rsit
2015-08-05 08:52 . 2015-08-05 08:52 -------- d-----w- c:\program files\trend micro
2015-07-29 05:23 . 2015-07-25 17:47 587264 ----a-w- c:\windows\system32\generaltel.dll
2015-07-29 05:23 . 2015-07-25 17:47 628736 ----a-w- c:\windows\system32\invagent.dll
2015-07-29 05:23 . 2015-07-25 17:46 342016 ----a-w- c:\windows\system32\devinv.dll
2015-07-29 05:23 . 2015-07-25 17:46 924160 ----a-w- c:\windows\system32\appraiser.dll
2015-07-29 05:23 . 2015-07-25 17:46 58880 ----a-w- c:\windows\system32\acmigration.dll
2015-07-29 05:23 . 2015-07-25 17:40 932864 ----a-w- c:\windows\system32\aeinv.dll
2015-07-29 05:23 . 2015-07-25 17:51 15808 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-29 05:23 . 2015-07-25 17:46 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-07-21 15:31 . 2015-07-15 02:55 26624 ----a-w- c:\windows\system32\lpk.dll
2015-07-21 15:31 . 2015-07-15 02:55 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-07-21 15:31 . 2015-07-15 02:55 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-07-21 15:31 . 2015-07-15 02:55 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-07-21 15:31 . 2015-07-15 01:52 299008 ----a-w- c:\windows\system32\atmfd.dll
2015-07-16 18:37 . 2015-06-15 21:47 101824 ----a-w- c:\windows\system32\consent.exe
2015-07-16 18:37 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\system32\msi.dll
2015-07-16 18:37 . 2015-06-15 21:43 1805824 ----a-w- c:\windows\system32\authui.dll
2015-07-16 18:37 . 2015-06-15 21:43 337408 ----a-w- c:\windows\system32\msihnd.dll
2015-07-16 18:37 . 2015-06-15 21:43 47104 ----a-w- c:\windows\system32\appinfo.dll
2015-07-16 18:37 . 2015-06-15 21:42 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-07-16 18:37 . 2015-06-15 21:37 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-07-15 20:57 . 2015-06-25 08:46 2383872 ----a-w- c:\windows\system32\win32k.sys
2015-07-15 20:55 . 2015-07-04 17:48 1414656 ----a-w- c:\windows\system32\ole32.dll
2015-07-15 20:55 . 2015-06-17 17:39 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-07-15 20:55 . 2015-04-27 19:04 143872 ----a-w- c:\windows\system32\cryptsvc.dll
2015-07-15 20:55 . 2015-04-27 19:04 1174528 ----a-w- c:\windows\system32\crypt32.dll
2015-07-15 20:55 . 2015-04-27 19:05 179200 ----a-w- c:\windows\system32\wintrust.dll
2015-07-15 20:55 . 2015-04-27 19:04 103936 ----a-w- c:\windows\system32\cryptnet.dll
2015-07-15 20:44 . 2015-06-19 18:31 37888 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-07-15 20:43 . 2015-06-19 17:53 817664 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-07-15 20:43 . 2015-06-19 18:25 504320 ----a-w- c:\windows\system32\vbscript.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-05 10:11 . 2011-05-08 13:10 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-07-01 20:30 . 2015-07-15 20:56 248832 ----a-w- c:\windows\system32\schannel.dll
2015-07-01 14:41 . 2011-05-26 06:04 912000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-06-16 23:01 . 2015-06-16 23:01 1202856 ----a-w- c:\windows\system32\FM20.DLL
2015-05-25 18:07 . 2015-06-10 07:07 3989440 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 07:07 3934144 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 07:07 1307648 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:01 . 2015-06-10 07:07 853504 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:01 . 2015-06-10 07:06 635392 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:01 . 2015-06-10 07:07 400896 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:01 . 2015-06-10 07:06 43008 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:01 . 2015-06-10 07:06 92160 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:01 . 2015-06-10 07:06 38912 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:01 . 2015-06-10 07:07 641536 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:00 . 2015-06-10 07:06 40448 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:00 . 2015-06-10 07:07 364544 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 07:06 69632 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:00 . 2015-06-10 07:07 262656 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:00 . 2015-06-10 07:06 37888 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:00 . 2015-06-10 07:07 82944 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:00 . 2015-06-10 07:06 17408 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 17:55 . 2015-06-10 07:06 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 16:53 . 2015-06-10 07:06 36864 ----a-w- c:\windows\system32\UtcResources.dll
2015-05-21 13:20 . 2015-06-10 07:08 163840 ----a-w- c:\windows\system32\aepic.dll
2006-06-15 18:33 . 2011-05-10 22:23 233472 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-25 16:43 . 2011-05-10 22:23 204895 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 12:41 . 2011-05-10 22:23 77824 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 11:10 . 2011-05-10 22:23 426081 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 10:19 . 2011-05-10 22:23 458752 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 16:35 . 2011-05-10 22:23 139264 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 09:10 . 2011-05-10 22:23 204800 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 09:42 . 2011-05-10 22:23 106496 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 09:22 . 2011-05-10 22:23 212992 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 09:21 . 2011-05-10 22:23 167936 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2011-03-18 18:05 . 2011-05-08 13:02 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-02-21 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-09-24 210216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2008-02-22 62760]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-22 210216]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 981688]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896]
.
c:\users\diviak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-4 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-12-11 315496]
R3 cdrombus;Android BUS Service;c:\windows\system32\Drivers\cdrombus.sys [2012-08-22 19968]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-06-19 102912]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2015-04-29 284504]
R3 qcusbser;Android USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2013-01-16 205312]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-08 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 MpKsle6033213;MpKsle6033213;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BABA7280-8A5F-4B54-930B-536416FCAB9F}\MpKsle6033213.sys [2015-08-07 39168]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-03-31 233472]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-02-03 793048]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cd607a4c9a22cb.job
- c:\users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-21 22:04]
.
2011-10-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000UA.job
- c:\users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-21 22:04]
.
2015-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1ca30d04c6389b8.job
- c:\users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 16:23]
.
2015-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf523bb685f195.job
- c:\users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 16:23]
.
2014-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf6b9aa7cc50e2.job
- c:\users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 16:23]
.
2015-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d02f4d4204f075.job
- c:\users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 16:23]
.
2009-09-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d043071fb3c688.job
- c:\users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 16:23]
.
2015-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d0bff068180956.job
- c:\users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-25 16:23]
.
2011-10-25 c:\windows\Tasks\Norton Security Scan for diviak.job
- c:\progra~1\NORTON~2\Engine\351~1.8\Nss.exe [2011-10-23 13:59]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\program files\PartyGaming\PartyCasino\RunCasino.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\diviak\AppData\Roaming\Mozilla\Firefox\Profiles\y1d7q3h9.default\
.
- - - - ORPHANS REMOVED - - - -
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.11.149\SSScheduler.exe
AddRemove-McAfee Security Scan - c:\program files\McAfee Security Scan\uninstall.exe
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\GWX\GWX.exe
c:\windows\system32\sppsvc.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2015-08-08 12:01:24 - machine was rebooted
ComboFix-quarantined-files.txt 2015-08-08 10:01
ComboFix2.txt 2015-08-08 08:53
.
Pre-Run: 43 875 414 016 bytes free
Post-Run: 43 469 639 680 bytes free
.
- - End Of File - - B8F5C0912DF48218D97E7DC6E5629065
A36C5E4F47E84449FF07ED3517B43A31
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Pocitac ide pomaly no nie je vytazeny

#17 Příspěvek od Márty84 »

:arrow: Dejte novy log z RSIT

a k tomu

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#18 Příspěvek od GAMELASTER »

RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by diviak at 2015-08-08 12:15:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 41 GB (38%) free of 108 GB
Total RAM: 3037 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:16:00, on 8. 8. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\diviak\Downloads\RSIT (1).exe
C:\Program Files\trend micro\diviak.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\4.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunCasino.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7786 bytes

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cd607a4c9a22cb.job - C:\Users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000UA.job - C:\Users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1ca30d04c6389b8.job - C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf523bb685f195.job - C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf6b9aa7cc50e2.job - C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d02f4d4204f075.job - C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d043071fb3c688.job - C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d0bff068180956.job - C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\Norton Security Scan for diviak.job - C:\PROGRA~1\NORTON~2\Engine\351~1.8\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\diviak\AppData\Roaming\Mozilla\Firefox\Profiles\y1d7q3h9.default

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsRLCT4Player.xpt

C:\Program Files\Mozilla Firefox\plugins\
CrazyTalk4Native.dll
ctdomemhelper.dll
ctframeplayerobject.dll
ctplayerobject.dll
imagickrt.dll
np-mswmp.dll
npFoxitReaderPlugin.dll
NPOFF12.DLL
nppdf32.dll
npRLCT4Player.dll
rlcontentclass.dll
RLMusicPacker.dll
RLMusicUnpacker.dll
RLVoicePacker.dll
RLVoiceUnpacker.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-20 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-20 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-02-21 222504]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-18 104936]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-09-24 210216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2008-02-22 62760]
"UpdatePPShortCut"=C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-01-04 222504]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-10-22 210216]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-02-03 103896]

C:\Users\diviak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=emYUV.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=l3codecp.acm
"msacm.siren"=sirenacm.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-08-08 12:01:28 ----D---- C:\Windows\temp
2015-08-08 12:01:26 ----A---- C:\ComboFix.txt
2015-08-08 12:00:48 ----SHD---- C:\$RECYCLE.BIN
2015-08-08 10:40:37 ----A---- C:\Windows\zip.exe
2015-08-08 10:40:37 ----A---- C:\Windows\SWSC.exe
2015-08-08 10:40:37 ----A---- C:\Windows\SWREG.exe
2015-08-08 10:40:37 ----A---- C:\Windows\sed.exe
2015-08-08 10:40:37 ----A---- C:\Windows\PEV.exe
2015-08-08 10:40:37 ----A---- C:\Windows\NIRCMD.exe
2015-08-08 10:40:37 ----A---- C:\Windows\MBR.exe
2015-08-08 10:40:37 ----A---- C:\Windows\grep.exe
2015-08-08 10:37:26 ----D---- C:\Qoobox
2015-08-08 10:37:03 ----D---- C:\Windows\erdnt
2015-08-07 16:21:10 ----D---- C:\Users\diviak\AppData\Roaming\HD Tune Pro
2015-08-07 16:21:06 ----D---- C:\Program Files\HD Tune Pro
2015-08-06 11:48:16 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-08-06 11:47:43 ----D---- C:\ProgramData\Malwarebytes
2015-08-06 11:47:43 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-08-06 11:47:43 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-06 11:47:43 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-06 11:47:43 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-06 11:31:01 ----D---- C:\AdwCleaner
2015-08-05 10:52:46 ----D---- C:\rsit
2015-08-05 10:52:46 ----D---- C:\Program Files\trend micro
2015-07-29 07:23:59 ----A---- C:\Windows\system32\invagent.dll
2015-07-29 07:23:59 ----A---- C:\Windows\system32\generaltel.dll
2015-07-29 07:23:59 ----A---- C:\Windows\system32\devinv.dll
2015-07-29 07:23:59 ----A---- C:\Windows\system32\appraiser.dll
2015-07-29 07:23:59 ----A---- C:\Windows\system32\acmigration.dll
2015-07-29 07:23:58 ----A---- C:\Windows\system32\aeinv.dll
2015-07-29 07:23:57 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-29 07:23:57 ----A---- C:\Windows\system32\aepdu.dll
2015-07-21 17:31:57 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 17:31:57 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 17:31:57 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 17:31:57 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 17:31:57 ----A---- C:\Windows\system32\atmfd.dll
2015-07-16 20:37:23 ----A---- C:\Windows\system32\msi.dll
2015-07-16 20:37:23 ----A---- C:\Windows\system32\consent.exe
2015-07-16 20:37:23 ----A---- C:\Windows\system32\authui.dll
2015-07-16 20:37:22 ----A---- C:\Windows\system32\msimsg.dll
2015-07-16 20:37:22 ----A---- C:\Windows\system32\msihnd.dll
2015-07-16 20:37:22 ----A---- C:\Windows\system32\msiexec.exe
2015-07-16 20:37:22 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 22:57:02 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 22:56:42 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 22:56:42 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 22:56:42 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 22:56:41 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 22:56:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 22:56:41 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 22:56:40 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 22:56:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 22:56:39 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 22:56:39 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 22:56:39 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 22:56:39 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 22:56:39 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 22:56:39 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 22:56:39 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 22:56:39 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 22:56:38 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 22:56:36 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 22:56:36 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 22:56:36 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 22:56:36 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 22:56:36 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 22:56:35 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 22:55:43 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 22:55:27 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 22:55:17 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 22:55:17 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 22:55:16 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 22:55:16 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 22:54:50 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 22:54:50 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 22:54:50 ----A---- C:\Windows\system32\wups.dll
2015-07-15 22:54:50 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 22:54:50 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 22:54:50 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 22:54:50 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 22:54:50 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 22:54:49 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 22:54:49 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 22:54:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 22:54:42 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 22:54:38 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 22:54:38 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 22:54:34 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 22:54:34 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 22:54:33 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 22:54:31 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 22:54:30 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 22:44:23 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 22:44:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 22:44:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 22:44:21 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 22:44:21 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 22:44:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 22:44:20 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 22:44:19 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 22:44:18 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 22:44:17 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 22:44:17 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 22:44:17 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 22:44:14 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 22:44:14 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 22:44:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 22:44:11 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 22:44:09 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 22:44:04 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 22:44:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 22:44:00 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 22:43:51 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 22:43:51 ----A---- C:\Windows\system32\jscript.dll

======List of files/folders modified in the last 1 month======

2015-08-08 12:01:29 ----D---- C:\Windows\system32\drivers
2015-08-08 12:01:28 ----D---- C:\Windows
2015-08-08 11:58:55 ----D---- C:\Windows\system32\config
2015-08-08 11:55:31 ----A---- C:\Windows\system.ini
2015-08-08 11:55:10 ----D---- C:\Windows\system32\drivers\etc
2015-08-08 11:51:39 ----RD---- C:\Program Files
2015-08-08 11:49:07 ----D---- C:\Windows\System32
2015-08-08 11:49:07 ----D---- C:\Windows\AppPatch
2015-08-08 11:49:05 ----D---- C:\Program Files\Common Files
2015-08-08 11:43:06 ----D---- C:\Users\diviak\AppData\Roaming\Skype
2015-08-08 10:37:49 ----D---- C:\Windows\inf
2015-08-08 10:37:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-08 10:37:23 ----D---- C:\Windows\Prefetch
2015-08-08 10:31:24 ----SHD---- C:\System Volume Information
2015-08-07 16:14:25 ----D---- C:\Windows\system32\wbem
2015-08-06 11:47:43 ----D---- C:\ProgramData
2015-08-06 11:30:27 ----D---- C:\Windows\tracing
2015-08-05 11:07:08 ----D---- C:\ProgramData\McAfee Security Scan
2015-08-04 22:06:02 ----D---- C:\Windows\system32\NDF
2015-08-04 10:55:03 ----SD---- C:\Windows\system32\CompatTel
2015-07-29 07:19:21 ----D---- C:\Windows\winsxs
2015-07-29 07:18:17 ----D---- C:\Windows\SoftwareDistribution
2015-07-17 09:28:28 ----D---- C:\Windows\rescache
2015-07-16 22:37:49 ----SD---- C:\Windows\system32\GWX
2015-07-16 22:37:49 ----D---- C:\Windows\system32\sk-SK
2015-07-16 22:37:49 ----D---- C:\Windows\system32\en-US
2015-07-16 22:37:49 ----D---- C:\Program Files\Internet Explorer
2015-07-16 22:37:41 ----D---- C:\Windows\system32\appraiser
2015-07-16 22:37:40 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 20:04:27 ----SHD---- C:\Windows\Installer
2015-07-16 20:04:24 ----D---- C:\ProgramData\Microsoft Help
2015-07-16 20:04:24 ----D---- C:\Config.Msi
2015-07-16 19:54:05 ----D---- C:\Windows\Tasks
2015-07-16 19:51:29 ----D---- C:\Windows\system32\catroot2
2015-07-15 22:58:47 ----D---- C:\Windows\system32\MRT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 MpKsle6033213;MpKsle6033213; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BABA7280-8A5F-4B54-930B-536416FCAB9F}\MpKsle6033213.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-08-23 48640]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-06 1766592]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\diviak\AppData\Local\Temp\catchme.sys []
S3 cdrombus;Android BUS Service; C:\Windows\System32\Drivers\cdrombus.sys [2012-08-22 19968]
S3 DCamUSBEMPIA;USB 2800 Video; C:\Windows\system32\DRIVERS\emDevice.sys [2005-09-08 168704]
S3 FiltUSBEMPIA;USB Device Lower Filter; C:\Windows\system32\DRIVERS\emFilter.sys [2005-09-08 5248]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 qcusbser;Android USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\qcusbser.sys [2013-01-16 205312]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\Windows\system32\DRIVERS\emScan.sys [2005-09-08 5120]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-02-03 793048]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-08 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-08-2015
Ran by diviak (administrator) on DIVIAK (08-08-2015 12:20:08)
Running from C:\Users\diviak\Desktop
Loaded Profiles: diviak (Available Profiles: diviak)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\diviak\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2008-02-21] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-09-24] (CyberLink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2008-02-22] ()
HKLM\...\Run: [UpdatePPShortCut] => C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-22] (CyberLink Corp.)
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [SSDMonitor] => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2012-02-03] (PC Tools)
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe [243360 2011-09-16] (Adobe Systems, Inc.)
Startup: C:\Users\diviak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk [2011-12-28]
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-20] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-20] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{31A00D1D-0D61-482E-8282-8735690F487C}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\diviak\AppData\Roaming\Mozilla\Firefox\Profiles\y1d7q3h9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2011-07-16] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-11-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3296201877-1619235930-2648828280-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\diviak\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3296201877-1619235930-2648828280-1000: @tools.google.com/Google Update;version=3 -> C:\Users\diviak\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3296201877-1619235930-2648828280-1000: @tools.google.com/Google Update;version=9 -> C:\Users\diviak\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3296201877-1619235930-2648828280-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\diviak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-04] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CrazyTalk4Native.dll [2006-06-15] (C3D)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctdomemhelper.dll [2006-05-25] (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctframeplayerobject.dll [2005-09-29] (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctplayerobject.dll [2006-06-19] (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\imagickrt.dll [2005-02-02] (BEXTech)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2011-05-08] (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npRLCT4Player.dll [2006-01-03] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\rlcontentclass.dll [2006-04-10] (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLMusicPacker.dll [2005-11-09] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLMusicUnpacker.dll [2005-11-09] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLVoicePacker.dll [2006-01-04] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLVoiceUnpacker.dll [2006-01-04] ()
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-25]

Chrome:
=======
CHR Profile: C:\Users\diviak\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\diviak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google Search) - C:\Users\diviak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (AT_Porsche) - C:\Users\diviak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg [2011-05-26]
CHR Extension: (No Name) - C:\Users\diviak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcgmidjhhnnjikpigolabhacfngibde [2011-07-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\diviak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\diviak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-10-23]
CHR Extension: (Gmail) - C:\Users\diviak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: Google Chrome - C:\Users\diviak\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-03-31] (Teruten) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-02-03] (PC Tools)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [19968 2012-08-22] (Windows (R) Codename Longhorn DDK provider)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [168704 2005-09-08] (eMPIA Technology, Inc.)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5248 2005-09-08] (eMPIA Technology, Inc.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Atheros Communications, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [205312 2013-01-16] (QUALCOMM Incorporated)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [5120 2005-09-08] (eMPIA Technology, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1766592 2009-06-06] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\diviak\AppData\Local\Temp\catchme.sys [X]
R1 MpKsle6033213; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BABA7280-8A5F-4B54-930B-536416FCAB9F}\MpKsle6033213.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-08 12:20 - 2015-08-08 12:20 - 00016043 _____ C:\Users\diviak\Desktop\FRST.txt
2015-08-08 12:19 - 2015-08-08 12:20 - 00000000 ____D C:\FRST
2015-08-08 12:18 - 2015-08-08 12:18 - 00112640 _____ (forum.viry.cz) C:\Users\diviak\Downloads\FRSTLauncher.exe
2015-08-08 12:18 - 2015-08-08 12:18 - 00112640 _____ (forum.viry.cz) C:\Users\diviak\Desktop\FRSTLauncher.exe
2015-08-08 12:18 - 2015-08-08 12:16 - 01673728 _____ (Farbar) C:\Users\diviak\Desktop\FRST.exe
2015-08-08 12:16 - 2015-08-08 12:16 - 01673728 _____ (Farbar) C:\Users\diviak\Downloads\FRST.exe
2015-08-08 12:16 - 2015-08-08 12:16 - 00112640 _____ (forum.viry.cz) C:\Users\diviak\Downloads\Nepotvrdené 764987.crdownload
2015-08-08 12:15 - 2015-08-08 12:15 - 01107968 _____ C:\Users\diviak\Downloads\RSIT (1).exe
2015-08-08 12:01 - 2015-08-08 12:01 - 00020236 _____ C:\ComboFix.txt
2015-08-08 11:43 - 2015-08-08 10:36 - 05634244 ____R (Swearware) C:\Users\diviak\Desktop\ComboFix.exe
2015-08-08 10:40 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-08 10:40 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-08 10:40 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-08 10:40 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-08 10:40 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-08 10:40 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-08 10:40 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-08 10:40 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-08 10:37 - 2015-08-08 12:01 - 00000000 ____D C:\Qoobox
2015-08-08 10:37 - 2015-08-08 11:52 - 00000000 ____D C:\Windows\erdnt
2015-08-07 16:21 - 2015-08-07 16:21 - 00000000 ____D C:\Users\diviak\AppData\Roaming\HD Tune Pro
2015-08-07 16:21 - 2015-08-07 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2015-08-07 16:21 - 2015-08-07 16:21 - 00000000 ____D C:\Program Files\HD Tune Pro
2015-08-07 16:20 - 2015-08-07 16:20 - 02239373 _____ (EFD Software ) C:\Users\diviak\Downloads\hdtunepro_560_trial.exe
2015-08-07 16:13 - 2015-08-07 16:14 - 00511764 _____ C:\Users\diviak\Downloads\openhardwaremonitor-v0.7.1-beta.zip
2015-08-06 16:25 - 2015-08-06 16:25 - 00154387 _____ C:\Users\diviak\Desktop\virus.txt
2015-08-06 11:48 - 2015-08-07 14:39 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-06 11:47 - 2015-08-06 11:47 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-06 11:47 - 2015-08-06 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-06 11:47 - 2015-08-06 11:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-06 11:47 - 2015-08-06 11:47 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-08-06 11:47 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-06 11:47 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-06 11:47 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-06 11:46 - 2015-08-06 11:47 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\diviak\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-06 11:31 - 2015-08-07 10:55 - 00000000 ____D C:\AdwCleaner
2015-08-06 11:30 - 2015-08-06 11:30 - 02248704 _____ C:\Users\diviak\Downloads\adwcleaner_4.208.exe
2015-08-05 11:07 - 2015-08-05 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-05 10:52 - 2015-08-08 12:15 - 00000000 ____D C:\Program Files\trend micro
2015-08-05 10:52 - 2015-08-05 10:53 - 00000000 ____D C:\rsit
2015-08-05 10:51 - 2015-08-05 10:51 - 01107968 _____ C:\Users\diviak\Downloads\RSIT.exe
2015-08-05 10:44 - 2015-08-05 10:44 - 00614562 _____ C:\Users\diviak\Downloads\WLAN_AW-NE785_PNP_Win7_32_800238.zip
2015-08-05 10:42 - 2015-08-05 10:42 - 00160716 _____ C:\Users\diviak\Downloads\LAN_Athros_Win7_32_10018.zip
2015-08-05 10:40 - 2015-08-05 10:41 - 10606144 _____ C:\Users\diviak\Downloads\WIMAX_YOTA_WIN7_32_120.zip
2015-08-05 10:40 - 2015-08-05 10:40 - 03313470 _____ C:\Users\diviak\Downloads\WLAN_NB290_WIN7_32_530210.zip
2015-08-05 10:38 - 2015-08-05 10:38 - 00614576 _____ C:\Users\diviak\Downloads\Wireless_AW-NE771_PNP_Win7_32_Russia_800238.zip
2015-07-29 07:23 - 2015-07-25 19:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-29 07:23 - 2015-07-25 19:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 07:23 - 2015-07-25 19:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 07:23 - 2015-07-25 19:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 07:23 - 2015-07-25 19:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 07:23 - 2015-07-25 19:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 07:23 - 2015-07-25 19:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 07:23 - 2015-07-25 19:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-29 07:17 - 2015-07-29 07:17 - 00041534 _____ C:\Users\diviak\Downloads\3879389_1of1.xml.gz
2015-07-29 07:17 - 2015-07-29 07:17 - 00041534 _____ C:\Users\diviak\Downloads\3879389_1of1 (2).xml.gz
2015-07-29 07:17 - 2015-07-29 07:17 - 00041534 _____ C:\Users\diviak\Downloads\3879389_1of1 (1).xml.gz
2015-07-21 17:31 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 17:31 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 17:31 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 17:31 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 17:31 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-16 20:37 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-16 20:37 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 20:37 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 20:37 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-16 20:37 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-16 20:37 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 20:37 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-16 19:54 - 2015-07-16 19:54 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d0bff068180956.job
2015-07-15 22:57 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 22:56 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 22:56 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 22:56 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 22:56 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 22:56 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 22:56 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 22:56 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 22:56 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 22:56 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 22:56 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 22:56 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 22:56 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 22:55 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 22:55 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 22:55 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 22:55 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 22:55 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 22:55 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 22:54 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 22:54 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 22:54 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 22:54 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 22:54 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 22:54 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 22:54 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 22:54 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 22:54 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 22:54 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 22:54 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 22:54 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 22:54 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 22:54 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 22:54 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 22:54 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 22:54 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 22:54 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 22:54 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 22:54 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 22:44 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 22:44 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 22:44 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 22:44 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 22:44 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 22:44 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 22:44 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 22:44 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 22:44 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 22:44 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 22:44 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 22:44 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 22:44 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 22:44 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 22:44 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 22:44 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 22:44 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 22:44 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 22:44 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 22:44 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 22:44 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 22:44 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 22:43 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 22:43 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-08 12:08 - 2011-05-08 11:47 - 01377099 _____ C:\Windows\WindowsUpdate.log
2015-08-08 12:03 - 2009-07-14 06:34 - 00015504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-08 12:03 - 2009-07-14 06:34 - 00015504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-08 11:55 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2015-08-08 11:54 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-08 11:53 - 2014-01-20 13:40 - 00357820 _____ C:\Windows\PFRO.log
2015-08-08 11:53 - 2014-01-14 21:43 - 00061437 _____ C:\Windows\setupact.log
2015-08-08 11:53 - 2009-07-14 04:03 - 59506688 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-08-08 11:53 - 2009-07-14 04:03 - 44826624 _____ C:\Windows\system32\config\COMPON~1.bak
2015-08-08 11:53 - 2009-07-14 04:03 - 17301504 _____ C:\Windows\system32\config\SYSTEM.bak
2015-08-08 11:53 - 2009-07-14 04:03 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-08-08 11:53 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-08-08 11:53 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-08-08 11:43 - 2011-05-11 02:20 - 00000000 ____D C:\Users\diviak\AppData\Roaming\Skype
2015-08-08 10:53 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2015-08-08 10:53 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-08 10:37 - 2011-05-08 12:01 - 00393022 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-07 14:37 - 2011-05-08 15:52 - 00000000 ____D C:\Users\diviak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-08-06 12:56 - 2011-05-25 11:36 - 00002383 _____ C:\Users\diviak\Desktop\Google Chrome.lnk
2015-08-06 11:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2015-08-05 11:54 - 2012-06-12 02:07 - 00442368 ___SH C:\Users\diviak\Desktop\Thumbs.db
2015-08-05 11:07 - 2013-11-14 17:29 - 00002015 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-08-05 11:07 - 2011-10-22 08:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-08-04 22:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-08-04 10:55 - 2014-05-08 10:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-22 08:38 - 2009-07-14 06:33 - 00429904 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-17 09:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-16 22:37 - 2015-04-05 09:11 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 22:37 - 2014-12-11 23:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 22:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sk-SK
2015-07-16 20:04 - 2014-01-14 13:15 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 19:54 - 2009-09-09 00:04 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1ca30d04c6389b8.job
2015-07-15 22:58 - 2013-08-01 08:43 - 00000000 ____D C:\Windows\system32\MRT

==================== Files in the root of some directories =======

2014-01-14 13:05 - 2014-01-17 12:09 - 0000029 _____ () C:\Users\diviak\AppData\Roaming\msplobyv.dat
2014-01-14 13:05 - 2014-01-17 10:03 - 0001641 _____ () C:\Users\diviak\AppData\Roaming\msvlrrym.dat
2011-05-10 23:58 - 2011-05-10 23:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2011-10-13 16:41




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:105.59 GB) (Free:40.36 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:192.5 GB) (Free:92.65 GB) NTFS
Drive f: (USB) (Removable) (Total:1.87 GB) (Free:1.7 GB) FAT32

Available physical RAM: 1774.94 MB
Total physical RAM: 3037.09 MB
Percentage of memory in use: 41%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4F69F71E)
Partition 1: (Active) - (Size=105.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=192.5 GB) - (Type=07 NTFS)
Disk: 1 (Size: 1.9 GB) (Disk ID: 003EFBFB)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cd607a4c9a22cb.job => C:\Users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000UA.job => C:\Users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1ca30d04c6389b8.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf523bb685f195.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf6b9aa7cc50e2.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d02f4d4204f075.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d043071fb3c688.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d0bff068180956.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for diviak.job => C:\PROGRA~1\NORTON~2\Engine\351~1.8\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Security Center ==================

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\diviak\Desktop" je 11 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


FRST Launcher blokuje samotný Chrome, tak som ho stiahol cez Internet Explorer. (HTTPS certifikat a certifikát appky).
Přílohy
Addition.rar
(8.25 KiB) Staženo 42 x
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Pocitac ide pomaly no nie je vytazeny

#19 Příspěvek od Márty84 »

:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe [243360 2011-09-16] (Adobe Systems, Inc.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)

S3 catchme; \??\C:\Users\diviak\AppData\Local\Temp\catchme.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]

2015-08-05 11:07 - 2015-08-05 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-05 11:07 - 2013-11-14 17:29 - 00002015 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cd607a4c9a22cb.job => C:\Users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000UA.job => C:\Users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1ca30d04c6389b8.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf523bb685f195.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf6b9aa7cc50e2.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d02f4d4204f075.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d043071fb3c688.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d0bff068180956.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for diviak.job => C:\PROGRA~1\NORTON~2\Engine\351~1.8\Nss.exe

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#20 Příspěvek od GAMELASTER »

Fix result of Farbar Recovery Scan Tool (x86) Version:06-08-2015
Ran by diviak (2015-08-08 12:35:41) Run:1
Running from C:\Users\diviak\Desktop
Loaded Profiles: diviak (Available Profiles: diviak)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe [243360 2011-09-16] (Adobe Systems, Inc.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)

S3 catchme; \??\C:\Users\diviak\AppData\Local\Temp\catchme.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]

2015-08-05 11:07 - 2015-08-05 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-05 11:07 - 2013-11-14 17:29 - 00002015 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cd607a4c9a22cb.job => C:\Users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000UA.job => C:\Users\diviak\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1ca30d04c6389b8.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf523bb685f195.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf6b9aa7cc50e2.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d02f4d4204f075.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d043071fb3c688.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d0bff068180956.job => C:\Users\diviak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for diviak.job => C:\PROGRA~1\NORTON~2\Engine\351~1.8\Nss.exe

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => value removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3296201877-1619235930-2648828280-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => key removed successfully.
"HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} => value removed successfully.
"HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}" => key removed successfully.
catchme => service removed successfully.
AdobeARMservice => service removed successfully.
SkypeUpdate => service removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus => moved successfully.
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk => moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cd607a4c9a22cb.job => moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000UA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1ca30d04c6389b8.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf523bb685f195.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1cf6b9aa7cc50e2.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d02f4d4204f075.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d043071fb3c688.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3296201877-1619235930-2648828280-1000Core1d0bff068180956.job => moved successfully.
C:\Windows\Tasks\Norton Security Scan for diviak.job => moved successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully..
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 386 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 12:36:38 ====
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Pocitac ide pomaly no nie je vytazeny

#21 Příspěvek od Márty84 »

:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow: Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak to s pc vypada.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#22 Příspěvek od GAMELASTER »

Všechno sem udelal až na defrag, protože WiFi přestala zase fungovat. Ukazovalo že je připojena na WiFi, šel sem zde na fórum a zrazu že je odpojena, pozrem ake WiFi tam ukazuje, všechny okrem mé WiFi ukázalo, a asi po 20 vteřin ukázalo že je off. A nedá se zapnout, ani cez Hardware tlačítko. Skoušel sem nainstalovat driver no je ich tam víc na výběr tka sem vybral, no asi to nepomohlo. Když tak noťas: ASUS K50IJ. P.S. Tohle delá i na jiných WiFi. a zvykne to udelat buď po čase nebo když se člověk nekde přihlašuje. Ale celkově kus vidno že jde rychleji, no i tak :/ .

Mimochodem: Asi sem přišel na příčinu pomalého počítače. Nekdo mi říkal že to múže bejt diskem, tak sem nahodil HD Tune Pro a prezrel ho, Error Scan sem zatím nedával, no v Health položce bylo neco warningové:
http://i.imgur.com/EMX94h5.png
Co stím? :/

Díky moc
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Pocitac ide pomaly no nie je vytazeny

#23 Příspěvek od Márty84 »

:???: Ta wifi vypadava pravidelne? Nebo jen obcas?

:arrow: Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#24 Příspěvek od GAMELASTER »

Popíšem to v realnom čase:
1) Zapne sa NTB, načíta WiFi, všetko fine
2a) Idem na gmail, napíšem meno heslo, dám odoslať a zrazu, internet je nedostupný (niekedy to spraví niekedy nie)
2b) Chvíľu na NTB sa nič nerobí a potom nič (niekedy to spraví niekedy nie)
3) Odpojí sa z WiFi, ukazuje všetky sieťe okrem tej na ktorej som bol pripojený
4) Po 10 sekundách sa vypne úplne (wifi a X), stláčam hardwarové klávesy na ovládanie wifi no nič to nerobí.
5) Vyrieši to reštart alebo uspatie a prebudenie zo spánku
Naposledy upravil(a) GAMELASTER dne 08 srp 2015 16:51, celkem upraveno 1 x.
Nahoru
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#25 Příspěvek od GAMELASTER »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2015/08/08 17:49:07

-- Controller Map ----------------------------------------------------------
+ Standard AHCI 1.0 Serial ATA Controller [ATA]
+ ATA Channel 0 (0)
- ST9320325AS ATA Device
+ ATA Channel 1 (1)
- Optiarc DVD RW AD-7580S ATA Device

-- Disk List ---------------------------------------------------------------
(1) ST9320325AS : 320,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9320325AS
----------------------------------------------------------------------------
Model : ST9320325AS
Firmware : 0002SDM1
Serial Number : 6VE30ETN
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 6368 hours
Power On Count : 7428 count
Temparature : 31 C (87 F)
Health Status : Caution
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _96 __6 000007D6D05B Read Error Rate
03 _98 _98 __0 000000000000 Spin-Up Time
04 _93 _93 _20 000000001D13 Start/Stop Count
05 _95 _95 _36 000000000069 Reallocated Sectors Count
07 _67 _60 _30 00250AA7AC2E Seek Error Rate
09 _93 _93 __0 0000000018E0 Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C _93 _37 _20 000000001D04 Power Cycle Count
B8 100 100 _99 000000000000 End-to-End Error
BB _80 _80 __0 000000000014 Reported Uncorrectable Errors
BC 100 _98 __0 0005000500A7 Command Timeout
BD 100 100 __0 000000000000 High Fly Writes
BE _69 _49 _45 00001F1D001F Airflow Temperature
BF 100 100 __0 000000000154 G-Sense Error Rate
C0 100 100 __0 000000000207 Power-off Retract Count
C1 _72 _72 __0 00000000E1CB Load/Unload Cycle Count
C2 _31 _51 __0 000B0000001F Temperature
C3 _67 _58 __0 000007D6D05B Hardware ECC recovered
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
FE 100 100 __0 000000000000 Free Fall Protection

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3656 3656 4533 3045 544E
020: 0000 4000 0004 3030 3032 4D31 4D31 5354 3933 3230
030: 3332 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 01F0 0029 346B 7D09 6123 BC09 BC09 6123 007F 0034
090: 0034 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 0000 5000 C500
110: 1B54 70BE 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 EAB0
130: 2542 EAB0 2542 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 001F 001F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3C00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103B 103B 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 55A5
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Pocitac ide pomaly no nie je vytazeny

#26 Příspěvek od Márty84 »

Je problem s wifi i v nouzovem rezimu s praci v siti?

Ten disk na tom neni dobre. Uz jste delal ten Error Scan s HDTune?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#27 Příspěvek od GAMELASTER »

zapol som safe mode s networking a robí to aj tam. Mám ale pocit že je to hardwarová alebo driverová chyba :/

HD Tune som hodil iba fast scan, ale urobím aj ten normálny.

EDIT: Vyzerá že Drivery vyriešili problém z WiFi asi, lenže teraz sa počítač neskutočne dlho zapína, pozeral som aj boot up applikácie, aj som ich povypínal no nepomohlo, ale to bude asi tým diskom :/ . Robím scan.
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Pocitac ide pomaly no nie je vytazeny

#28 Příspěvek od Márty84 »

Ano, disk muze byt pricina. Trva dlouho i start do nouzoveho rezimu?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#29 Příspěvek od GAMELASTER »

No, tuším že to trvalo dlhšie, skúsim to, ale predsa skúsim znova :-)
Nahoru
GAMELASTER
Návštěvník
Návštěvník
Příspěvky: 107
Registrován: 13 led 2012 16:53

Re: Pocitac ide pomaly no nie je vytazeny

#30 Příspěvek od GAMELASTER »

http://imgur.com/TfBWGHS

Čudné... HD Tune error scan
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“