SOS - ComboFix trvá hodiny

[kupecko]

Zdravím..,

už nějakou dobu se počítač strašně seká, prohlížeč funguje jen po restartu PC a to jen někdy. Procesor jede běžně na 95%...

Pustil jsem combofix a přes večer to došlo pouze k fázi_44...

Zde přikládám log z RSIT

Prosím o kontrolu..:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kupec at 2014-11-18 09:23:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 306 GB (67%) free of 458 GB
Total RAM: 4066 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:23:52, on 18.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\ComboFix\pev.3XE
C:\ComboFix\PEV.exe
C:\Program Files\trend micro\Kupec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb201?a=6R8R1dDmhc&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Intel(R) System Behavior Tracker Collector Service (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 15247 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
WLIDSvcM.exe 2332
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49265" "--depend_on_service" "SampleCollector" "--depend_on_service_start_state_not" "disabled" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\sony_acpi_battery_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sony_sema_thermal_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sony_wifi_input.dll' "
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=10000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1" "/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\%C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
/Device:00003da1
C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe" /RunCurUs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
PEV -k CSCRIPT.exe
PEV -k CSCRIPT.3XE
"C:\ComboFix\CF23411.3XE" /k c.bat
\??\C:\Windows\system32\conhost.exe "733050053-239667745906919761127987996953847636918059355331210928698-1868853270
CF23411.3XE /D /C List-C.bat
PEV -k NIRKMD.3XE
PEV.exe -k *.3XE and not C:\ComboFix\CF23411.3XE
\??\C:\Windows\system32\conhost.exe "-7905283531323602246-1678776010-1748376357-1859797113-170182852-1770942806-1124623188
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-94523bf5-1876-476f-8a01-f04d18468c48 -SystemEventPortName:HostProcess-38a58e42-ca33-4836-9116-6dda23cb8e3e -IoCancelEventPortName:HostProcess-2563bc75-3aa0-4eba-8a7a-dc5f1992cd6e -NonStateChangingEventPortName:HostProcess-382f5ac9-da34-4e32-9506-e91567a6d245 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6726fa59-aded-45e8-9aea-d1fa50bde7dd -DeviceGroupId:WpdFsGroup
wmiadap.exe /R /T
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Kupec\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8ac8a5d92c9.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0007484681db4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cf8a5269751367.job - C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cfeb0657b56637.job - C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1d00074dc836c17.job - C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001UA.job - C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Opera scheduled Autoupdate 1416252720.job - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-07-15 2486592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-10-22 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-29 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 878296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-10-14 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-02 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-23 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-29 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 705240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2014-10-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-06 1381744]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-02-23 1020576]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-13 2885904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-11-12 1940160]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Google Update"=C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-02 116648]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-11-11 2283808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-02-10 343168]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-22 291608]
"PMBVolumeWatcher"=c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-02-21 693608]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-04-02 1282632]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2013-02-19 453736]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-08 3890208]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-11-17 21:47:04 ----SD---- C:\ComboFix
2014-11-17 21:39:24 ----SD---- C:\32788R22FWJFW
2014-11-17 20:56:46 ----D---- C:\AdwCleaner
2014-11-15 02:35:48 ----D---- C:\Program Files (x86)\GUM9BE8.tmp
2014-11-14 14:03:27 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD
2014-11-14 14:03:25 ----D---- C:\Users\Kupec\AppData\Roaming\Check Point Software Technologies LTD
2014-11-14 14:03:20 ----D---- C:\Program Files (x86)\CheckPoint
2014-11-14 14:02:47 ----D---- C:\ProgramData\CheckPoint
2014-11-12 17:11:47 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 17:11:47 ----A---- C:\Windows\system32\msi.dll
2014-11-12 17:11:35 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 17:11:35 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 17:11:31 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 17:11:12 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 17:11:11 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 17:11:10 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 17:11:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 17:11:09 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 17:11:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 17:11:06 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 17:11:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 17:11:04 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 17:10:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 17:10:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 17:10:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 17:10:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 17:10:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-12 17:10:37 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 17:10:37 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 17:10:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-12 17:10:36 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-12 17:10:35 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 17:10:35 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-12 17:10:35 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 17:10:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-12 17:10:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-12 17:10:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 17:10:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-12 17:10:30 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 17:10:30 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 17:10:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-12 17:10:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 17:10:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 17:10:27 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 17:10:27 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 17:10:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 17:10:27 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 17:10:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 17:10:26 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 17:10:26 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 17:10:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-12 17:10:24 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 17:10:24 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 17:10:20 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 17:10:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 17:10:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-12 17:10:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-12 17:10:17 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-12 17:10:17 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 17:10:17 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 17:10:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-12 17:10:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 17:10:12 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 17:10:12 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 17:10:11 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 17:10:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 17:10:10 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 17:10:10 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 17:10:09 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 17:10:09 ----A---- C:\Windows\system32\jscript9.dll
2014-11-12 17:10:08 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 17:10:07 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 17:10:07 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 17:10:06 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 17:08:22 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 17:08:21 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 17:08:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 17:08:19 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 17:08:00 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 17:07:59 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 17:07:54 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 17:07:54 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 17:07:53 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 17:07:53 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 17:07:52 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 17:07:52 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 17:07:52 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 17:07:51 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 17:07:48 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 17:07:47 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 17:07:47 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 17:07:46 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 17:07:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-12 17:07:44 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 17:07:44 ----A---- C:\Windows\system32\kerberos.dll
2014-11-12 17:07:43 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 17:07:43 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 17:07:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 17:07:42 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 17:07:42 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 17:07:40 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 17:07:40 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 17:06:58 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 17:06:58 ----A---- C:\Windows\system32\packager.dll
2014-11-12 17:06:56 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 17:05:27 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 17:05:26 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-06 09:06:45 ----A---- C:\Windows\system32\drivers\hssdrv6.sys
2014-11-06 09:04:52 ----D---- C:\ProgramData\Hotspot Shield
2014-11-06 09:04:39 ----D---- C:\Program Files (x86)\Hotspot Shield
2014-10-21 18:15:12 ----D---- C:\ProgramData\Protexis64
2014-10-21 18:15:05 ----D---- C:\Users\Kupec\AppData\Roaming\Corel
2014-10-21 18:03:14 ----D---- C:\Program Files\Common Files\Corel
2014-10-21 17:57:59 ----D---- C:\ProgramData\Corel
2014-10-21 17:55:17 ----D---- C:\ProgramData\CorelDRAW Graphics Suite X7 x64

======List of files/folders modified in the last 1 month======

2014-11-18 09:23:52 ----D---- C:\Program Files\trend micro
2014-11-18 09:23:43 ----D---- C:\Windows\temp
2014-11-18 08:02:21 ----D---- C:\Windows\system32\config
2014-11-18 07:20:05 ----SHD---- C:\System Volume Information
2014-11-17 23:26:42 ----D---- C:\Windows\SYSWOW64\drivers
2014-11-17 23:26:42 ----D---- C:\Windows\SysWOW64
2014-11-17 23:26:42 ----D---- C:\Windows\AppPatch
2014-11-17 23:26:42 ----D---- C:\Windows
2014-11-17 23:26:40 ----D---- C:\Program Files (x86)\Common Files
2014-11-17 22:08:44 ----D---- C:\Program Files (x86)\Steam
2014-11-17 22:08:40 ----D---- C:\Windows\system32\catroot2
2014-11-17 22:08:40 ----D---- C:\Windows\inf
2014-11-17 21:48:22 ----D---- C:\Qoobox
2014-11-17 21:41:43 ----D---- C:\Windows\system32\drivers
2014-11-17 21:22:50 ----D---- C:\Users\Kupec\AppData\Roaming\uTorrent
2014-11-17 21:20:59 ----D---- C:\Windows\SoftwareDistribution
2014-11-17 21:20:02 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-17 21:18:39 ----D---- C:\ProgramData\ProductData
2014-11-17 21:13:47 ----D---- C:\Config.Msi
2014-11-17 21:01:50 ----RD---- C:\Program Files (x86)
2014-11-17 21:01:44 ----D---- C:\ProgramData
2014-11-17 20:32:11 ----D---- C:\Users\Kupec\AppData\Roaming\Opera Software
2014-11-17 20:32:06 ----D---- C:\Program Files (x86)\Opera
2014-11-17 20:32:05 ----D---- C:\Windows\Tasks
2014-11-16 16:00:05 ----RD---- C:\Program Files
2014-11-16 16:00:04 ----SHD---- C:\Windows\Installer
2014-11-16 15:59:12 ----D---- C:\Program Files\Common Files
2014-11-16 15:56:19 ----RSD---- C:\Windows\assembly
2014-11-16 15:56:12 ----D---- C:\Windows\System32
2014-11-15 22:00:25 ----D---- C:\Program Files (x86)\QuadCoreM2
2014-11-15 13:04:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-15 03:04:53 ----D---- C:\ProgramData\Microsoft Help
2014-11-14 14:06:29 ----D---- C:\Windows\system32\catroot
2014-11-14 14:06:28 ----D---- C:\Windows\system32\DriverStore
2014-11-14 14:03:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-14 08:51:38 ----D---- C:\Users\Kupec\AppData\Roaming\TS3Client
2014-11-13 10:05:44 ----D---- C:\Windows\Microsoft.NET
2014-11-13 08:10:00 ----D---- C:\Windows\winsxs
2014-11-13 08:04:17 ----SD---- C:\Windows\system32\CompatTel
2014-11-13 08:04:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-13 08:04:13 ----D---- C:\Windows\system32\cs-CZ
2014-11-13 08:04:12 ----D---- C:\Program Files\Internet Explorer
2014-11-13 08:04:10 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-13 08:04:06 ----D---- C:\Windows\system32\en-US
2014-11-13 08:04:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-12 23:03:26 ----A---- C:\Windows\win.ini
2014-11-12 23:00:35 ----D---- C:\Windows\system32\MRT
2014-11-12 22:55:04 ----A---- C:\Windows\system32\MRT.exe
2014-11-10 13:23:32 ----D---- C:\Windows\Prefetch
2014-11-06 09:04:17 ----D---- C:\Program Files\CyberGhost 5
2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-30 16:42:16 ----D---- C:\Windows\system32\Tasks
2014-10-30 08:04:10 ----D---- C:\Program Files (x86)\Hearthstone
2014-10-26 11:03:21 ----D---- C:\Update
2014-10-25 10:46:50 ----D---- C:\Program Files (x86)\Battle.net
2014-10-21 18:07:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-10-21 18:05:53 ----D---- C:\ProgramData\Package Cache
2014-10-21 17:58:33 ----RSD---- C:\Windows\Fonts
2014-10-20 13:41:07 ----D---- C:\Windows\rescache
2014-10-20 08:14:04 ----D---- C:\Users\Kupec\AppData\Roaming\DAEMON Tools Lite
2014-10-19 16:10:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-19 15:58:19 ----D---- C:\ProgramData\Sony Corporation
2014-10-19 15:57:54 ----D---- C:\Fraps
2014-10-19 15:57:51 ----D---- C:\Program Files\Sony

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-29 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-29 208416]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2012-04-07 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2012-02-22 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 21136]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-29 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-29 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-29 423240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2014-01-22 64288]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2014-05-17 44744]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-29 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-29 79184]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-13 10732032]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-13 328192]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2014-04-06 3979776]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-04-06 94208]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2012-02-23 30368]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-11 283200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-26 3872984]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2012-02-22 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2012-02-22 787736]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-03-19 99288]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2014-03-19 359128]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-19 888536]
R3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2014-04-19 13792]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2012-01-16 14336]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\drivers\SynTP.sys [2012-03-13 425232]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-29 85328]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-02-23 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2012-02-23 51872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-02-23 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-02-23 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2012-02-23 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-02-23 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2012-02-23 280992]
S3 BTATH_VDP;Bluetooth VDP Driver; C:\Windows\system32\drivers\btath_vdp.sys [2012-02-23 421664]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-02-23 550560]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 64512]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
S3 catchme;catchme; C:\Windows\system32\drivers\catchme.sys []
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 EagleX64;EagleX64; C:\Windows\system32\drivers\EagleX64.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 lehidmini;Bluetooth Low Energy Hid Device; C:\Windows\system32\drivers\leath_hid.sys [2012-02-23 36128]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [2012-03-13 21264]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-02-23 106144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-29 50344]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-01 377768]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-02-08 2429544]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-13 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-13 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-13 277784]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-21 473960]
R2 SampleCollector;Intel(R) System Behavior Tracker Collector Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2013-11-01 266168]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-13 363800]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-03-07 65464]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2013-07-03 967256]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-13 235520]
S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-09 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-02 2151232]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 DCDhcpService;DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-03-21 112256]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-09 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-01-06 138392]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-01-06 74904]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-12 833728]
S3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-01 377768]
S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-01-10 535688]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-08-26 101600]
S3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2014-02-20 60504]
S3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [2014-02-28 1642544]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

DĚKUJI
K.

[vyosek]

Zdravim

Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)

Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"


Nebezpeci CFka

• Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
• Maze stopy po haveti, takze v logu z RSIT neni nic videt
• Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
• CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
• CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

[kupecko]

Při použiti CF jsem pod dohledem bratra, který s ním má patřičné zkušenosti.
Dobře, dám na Vaše rady !

[vyosek]

Ja toho zatim moc neporadil

Odinstalujte Advanced SystemCare a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[kupecko]

Iobit apps toolbar 9.7 za žádnou cenu nejde odstranit. Prosím o nějakou radu jak odstranit tento nechtěný produkt?

[vyosek]

Odpalime ho rucne, pokracujte Zoek-em

[kupecko]

Zde přidávám ZOEK -


Zoek.exe v5.0.0.0 Updated 16-November-2014
Tool run by Kupec on út 18.11.2014 at 11:05:28,01.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kupec\Desktop\zoek\zoek.com [Scan all users] [Script inserted]

==== System Restore Info ======================

18.11.2014 11:07:33 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D5AA104D-0116-420C-BFEE-F761050D9C35} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Classes\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~2\GUM9BE8.tmp deleted
C:\PROGRA~2\Check Point Software Technologies LTD deleted
C:\PROGRA~2\Hotspot Shield deleted
C:\user.js deleted
C:\Users\Kupec\AppData\Roaming\Thinstall deleted
C:\PROGRA~3\Hotspot Shield deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Kupec\AppData\Local\Thinstall deleted
C:\Users\Kupec\AppData\LocalLow\ADSRemoval deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\Windows\Installer\2ebbf0a7.msi" deleted
"C:\Users\Kupec\AppData\Local\LumaEmu" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [18.11.2014 11:00]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[18.11.2014 10:58]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://mystart.incredibar.com/mb201?a=6R8R1dDmhc&i=26"
"Search Page"="http://www.google.com/search?q={searchT ... d=ie7&rlz="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.zonealarm.com/?src=nt&tbi ... tsId=&ver=&"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.zonealarm.com/?src=nt&tbi ... tsId=&ver=&"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{9AEDA2C6-2D27-4E07-ADB1-5D1757BE7F77}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... d=ie7&rlz="
{9AEDA2C6-2D27-4E07-ADB1-5D1757BE7F77} Search By ZoneAlarm Url="http://search.zonealarm.com/search?src= ... er=&&r=302"
{BE20EB80-9EC3-4962-8298-984BCC1285C6} eBay Url="http://rover.ebay.com/rover/1/14361-113 ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Kupec\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Kupec\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Kupec\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Kupec\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\903C920E1244B01498A0032D8E8ED2C0 deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E029C309-4421-410B-890A-30D2E8E82D0C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\903C920E1244B01498A0032D8E8ED2C0 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kupec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kupec\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Kupec\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Kupec\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=148 folders=132 30150536 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Kupec\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Kupec\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Kupec\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TDE2RE6N\fbstatic-a.akamaihd.net" not found

==== EOF on út 18.11.2014 at 11:39:51,00 ======================

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[kupecko]

zde je report adwcleaneru

# AdwCleaner v4.101 - Report created 18/11/2014 at 11:55:44
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kupec - KUPECPC
# Running from : C:\Users\Kupec\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\iolo
Folder Deleted : C:\Users\Kupec\AppData\Roaming\iolo
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AEDA2C6-2D27-4E07-ADB1-5D1757BE7F77}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v


-\\ Chromium v


-\\ Opera v25.0.1614.71


*************************

AdwCleaner[R1].txt - [1152 octets] - [18/11/2014 11:54:09]
AdwCleaner[S1].txt - [968 octets] - [18/11/2014 11:55:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1027 octets] ##########

[vyosek]

Dejte log FRST.txt i Addition.txt dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

[kupecko]

Zde report FRST a v příloze Addition

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014
Ran by Kupec (administrator) on KUPECPC on 18-11-2014 12:17:10
Running from C:\Users\Kupec\Desktop
Loaded Profile: Kupec (Available profiles: Kupec)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(forum.viry.cz) C:\Users\Kupec\Desktop\FRSTLauncher (2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-04-06] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020576 2012-02-23] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-03-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-02-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-22] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-18] (AVAST Software)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-12] (Valve Corporation)
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [Google Update] => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-02] (Google Inc.)
HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3997636886-3835547035-627565907-1001 -> DefaultScope {9AEDA2C6-2D27-4E07-ADB1-5D1757BE7F77} URL =
SearchScopes: HKU\S-1-5-21-3997636886-3835547035-627565907-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3997636886-3835547035-627565907-1001 -> {BE20EB80-9EC3-4962-8298-984BCC1285C6} URL = http://rover.ebay.com/rover/1/14361-113 ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3997636886-3835547035-627565907-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kupec\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3997636886-3835547035-627565907-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kupec\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3997636886-3835547035-627565907-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kupec\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-16]

Chrome:
=======
CHR Profile: C:\Users\Kupec\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Peněženka Google) - C:\Users\Kupec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-02-23] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-18] (AVAST Software)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [112256 2012-03-21] (Atheros Communication Inc.)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-03-13] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-23] (Atheros) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-18] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-18] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-18] ()
S3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [421664 2012-02-23] (Atheros)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 catchme; No ImagePath
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-11] (DT Soft Ltd)
S3 EagleX64; No ImagePath
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36128 2012-02-23] (Atheros)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-03-19] (Intel Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-19] ()
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-03-13] (Synaptics Incorporated)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
S3 XFDriver64; No ImagePath
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 12:17 - 2014-11-18 12:18 - 00020670 _____ () C:\Users\Kupec\Desktop\FRST.txt
2014-11-18 12:16 - 2014-11-18 12:17 - 00000000 ____D () C:\FRST
2014-11-18 12:16 - 2014-11-18 12:13 - 00112640 _____ (forum.viry.cz) C:\Users\Kupec\Desktop\FRSTLauncher (2).exe
2014-11-18 12:14 - 2014-11-18 12:12 - 02117120 _____ (Farbar) C:\Users\Kupec\Desktop\FRST64.exe
2014-11-18 12:02 - 2014-11-18 12:02 - 00001107 _____ () C:\Users\Kupec\Desktop\AdwCleaner[S1].txt
2014-11-18 11:54 - 2014-11-18 11:55 - 00000000 ____D () C:\AdwCleaner
2014-11-18 11:53 - 2014-11-18 11:53 - 02140160 _____ () C:\Users\Kupec\Desktop\adwcleaner_4.101.exe
2014-11-18 11:44 - 2014-11-18 11:44 - 00011762 _____ () C:\Users\Kupec\Desktop\zoek-results.txt
2014-11-18 11:34 - 2014-11-18 11:56 - 00013488 _____ () C:\Windows\PFRO.log
2014-11-18 11:34 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-18 11:07 - 2014-11-18 11:39 - 00011762 _____ () C:\zoek-results.log
2014-11-18 11:05 - 2014-11-18 11:27 - 00000000 ____D () C:\zoek_backup
2014-11-18 11:01 - 2014-11-18 11:01 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-18 11:00 - 2014-11-18 10:59 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-18 10:59 - 2014-11-18 10:59 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-18 10:41 - 2014-11-18 11:55 - 00000000 ____D () C:\Windows\system32\log
2014-11-18 10:37 - 2014-11-18 11:59 - 00000168 _____ () C:\Windows\setupact.log
2014-11-18 10:37 - 2014-11-18 10:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-17 21:47 - 2014-11-18 07:53 - 00000000 ___SD () C:\ComboFix
2014-11-17 21:39 - 2014-11-17 21:47 - 00000000 ___SD () C:\32788R22FWJFW
2014-11-17 20:32 - 2014-11-18 10:49 - 00000394 _____ () C:\Windows\Tasks\Opera scheduled Autoupdate 1416252720.job
2014-11-17 20:32 - 2014-11-17 20:32 - 00001135 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-11-17 20:32 - 2014-11-17 20:32 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-11-17 20:23 - 2014-11-17 20:23 - 00000000 __SHD () C:\Users\Kupec\AppData\Local\EmieBrowserModeList
2014-11-17 20:17 - 2014-11-17 20:17 - 00619024 _____ (Opera Software) C:\Users\Kupec\Desktop\Opera_NI_stable.exe
2014-11-17 12:48 - 2014-11-17 13:08 - 00000000 ____D () C:\Users\Kupec\Downloads\The.Walking.Dead.S05E06.HDTV.x264-KILLERS[ettv]
2014-11-15 13:02 - 2014-11-15 13:03 - 00000000 ____D () C:\Users\Kupec\Desktop\Switch-bot
2014-11-15 02:38 - 2014-11-15 02:38 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1d00074dc836c17.job
2014-11-15 02:36 - 2014-11-15 02:36 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0007484681db4.job
2014-11-14 14:06 - 2014-11-14 14:07 - 00431395 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-11-14 14:06 - 2014-11-14 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-11-14 14:03 - 2014-11-14 14:06 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-11-14 14:03 - 2014-11-14 14:03 - 00000000 ____D () C:\Users\Kupec\AppData\Roaming\Check Point Software Technologies LTD
2014-11-14 14:02 - 2014-11-14 14:02 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-11-12 17:11 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 17:11 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 17:11 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 17:11 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 17:11 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 17:11 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 17:11 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 17:11 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 17:11 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 17:11 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 17:11 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 17:11 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 17:11 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 17:11 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 17:10 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 17:10 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 17:10 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 17:10 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 17:10 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 17:10 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 17:10 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 17:10 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 17:10 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 17:10 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 17:10 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 17:10 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 17:10 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 17:10 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 17:10 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 17:10 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 17:10 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 17:10 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 17:10 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 17:10 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 17:10 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 17:10 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 17:10 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 17:10 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 17:10 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 17:10 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 17:10 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 17:10 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 17:10 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 17:10 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 17:10 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 17:10 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 17:10 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 17:10 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 17:10 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 17:10 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 17:10 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 17:10 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 17:10 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 17:10 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 17:10 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 17:10 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 17:10 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 17:10 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 17:10 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 17:10 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 17:10 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 17:10 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 17:10 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 17:10 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 17:10 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 17:10 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 17:10 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 17:10 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 17:10 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 17:10 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 17:08 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 17:08 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 17:08 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 17:08 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 17:08 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 17:07 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 17:07 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 17:07 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 17:07 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 17:07 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 17:07 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 17:07 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 17:07 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 17:07 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 17:07 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 17:07 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 17:07 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 17:07 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 17:07 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 17:07 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 17:07 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 17:07 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 17:07 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 17:07 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 17:07 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 17:07 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 17:07 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 17:07 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 17:06 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 17:06 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 17:06 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 17:05 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 17:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-10 10:14 - 2014-11-10 20:22 - 00000000 ____D () C:\Users\Kupec\Downloads\The Walking Dead S05E05 HDTV x264-KILLERS[ettv]
2014-11-06 09:06 - 2014-05-17 03:35 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2014-11-03 21:16 - 2014-11-03 21:41 - 00000000 ____D () C:\Users\Kupec\Downloads\The Walking Dead S05E04 HDTV x264-KILLERS[ettv]
2014-10-29 11:46 - 2014-11-17 17:13 - 00000000 ____D () C:\Users\Kupec\Desktop\Nether-World
2014-10-27 15:06 - 2014-10-27 15:10 - 00000000 ____D () C:\Users\Kupec\Downloads\The Walking Dead S05E03 HDTV x264-ASAP[ettv]
2014-10-26 09:38 - 2014-10-26 09:38 - 00000000 _____ () C:\asc_rdflag
2014-10-25 18:31 - 2014-10-25 18:31 - 00000221 _____ () C:\Users\Kupec\Desktop\PAYDAY The Heist.url
2014-10-23 07:16 - 2014-10-23 07:16 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf8ac8a5d92c9
2014-10-21 21:30 - 2014-10-21 21:30 - 00000000 ____D () C:\Users\Kupec\Documents\Corel Nejaky Shity
2014-10-21 18:28 - 2014-10-21 18:28 - 00000000 ____D () C:\Users\Kupec\Documents\My Palettes
2014-10-21 18:15 - 2014-10-21 21:18 - 00000000 ____D () C:\Users\Kupec\AppData\Roaming\Corel
2014-10-21 18:15 - 2014-10-21 18:15 - 00000000 ____D () C:\Users\Kupec\Documents\Corel
2014-10-21 18:15 - 2014-10-21 18:15 - 00000000 ____D () C:\ProgramData\Protexis64
2014-10-21 17:57 - 2014-11-16 15:59 - 00000000 ____D () C:\ProgramData\Corel
2014-10-21 15:28 - 2014-10-21 15:31 - 00000000 ____D () C:\Users\Kupec\Downloads\Corel Draw X7 [32-64]
2014-10-20 07:15 - 2014-10-20 13:40 - 00000000 ____D () C:\Users\Kupec\Downloads\[R.G. Mechanics] Doom 3 BFG Edition
2014-10-19 15:58 - 2014-10-19 15:58 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 12:17 - 2012-06-02 08:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-18 12:08 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 12:08 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 12:05 - 2012-09-02 17:46 - 01461365 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 12:01 - 2013-08-09 18:06 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-18 12:00 - 2014-06-18 08:36 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ac8a5d92c9.job
2014-11-18 12:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-18 11:47 - 2012-09-02 18:04 - 00000000 ____D () C:\Update
2014-11-18 11:41 - 2012-11-16 17:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-18 11:00 - 2014-03-18 22:46 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-18 11:00 - 2013-05-05 21:22 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-18 11:00 - 2012-11-16 17:44 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-18 10:59 - 2014-05-29 07:27 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-18 10:59 - 2013-05-05 21:22 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-18 10:59 - 2012-11-16 17:44 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-18 10:59 - 2012-11-16 17:44 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-18 10:58 - 2012-11-16 17:44 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-18 10:57 - 2013-08-22 18:31 - 04450816 ___SH () C:\Users\Kupec\Desktop\Thumbs.db
2014-11-18 10:49 - 2014-05-15 18:14 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-18 10:17 - 2014-10-08 15:34 - 00000000 ____D () C:\Program Files (x86)\PMlabs
2014-11-18 09:25 - 2011-12-07 02:39 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-11-18 09:25 - 2011-12-07 02:39 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-11-18 09:25 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-18 09:23 - 2013-02-16 23:04 - 00000000 ____D () C:\Program Files\trend micro
2014-11-17 21:48 - 2013-02-16 17:32 - 00000000 ____D () C:\Qoobox
2014-11-17 21:22 - 2012-11-09 15:28 - 00000000 ____D () C:\Users\Kupec\AppData\Roaming\uTorrent
2014-11-17 20:44 - 2013-08-09 18:20 - 00000000 ____D () C:\Users\Kupec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-17 20:32 - 2014-05-15 18:14 - 00000000 ____D () C:\Users\Kupec\AppData\Roaming\Opera Software
2014-11-17 20:32 - 2014-05-15 18:14 - 00000000 ____D () C:\Users\Kupec\AppData\Local\Opera Software
2014-11-17 20:27 - 2014-09-22 15:52 - 00000000 ____D () C:\Users\Kupec\Desktop\škola 2014
2014-11-17 20:23 - 2012-09-02 17:52 - 00001393 _____ () C:\Users\Kupec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-16 16:09 - 2012-09-02 18:18 - 00000000 ____D () C:\Users\Kupec\AppData\Local\CrashDumps
2014-11-15 22:00 - 2013-10-01 09:58 - 00000000 ____D () C:\Program Files (x86)\QuadCoreM2
2014-11-15 12:27 - 2014-02-07 15:00 - 00000000 ____D () C:\Users\Kupec\AppData\Local\Battle.net
2014-11-15 03:04 - 2012-10-01 20:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-15 03:03 - 2014-05-26 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-15 02:38 - 2014-10-18 20:04 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cfeb0657b56637.job
2014-11-14 14:03 - 2014-05-26 18:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-14 08:51 - 2014-04-18 19:14 - 00000000 ____D () C:\Users\Kupec\AppData\Roaming\TS3Client
2014-11-13 13:22 - 2012-09-02 18:47 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001UA.job
2014-11-13 08:13 - 2013-03-19 22:17 - 00546072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 08:04 - 2014-04-29 15:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 23:03 - 2009-07-14 03:34 - 00000510 _____ () C:\Windows\win.ini
2014-11-12 23:00 - 2013-07-15 07:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 22:55 - 2012-09-09 20:53 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-06 10:05 - 2012-09-02 18:46 - 00000000 ____D () C:\Users\Kupec\AppData\Local\Deployment
2014-11-06 10:03 - 2012-09-02 18:46 - 00000000 ____D () C:\Users\Kupec\AppData\Local\Apps\2.0
2014-11-06 09:04 - 2014-05-27 07:04 - 00000000 ____D () C:\Program Files\CyberGhost 5
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-04 08:42 - 2013-06-09 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-02 16:35 - 2012-09-02 17:53 - 00000000 ____D () C:\Users\Kupec\AppData\Local\Sony Corporation
2014-10-30 16:42 - 2014-07-28 15:18 - 00003828 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1400174066
2014-10-30 08:04 - 2014-06-13 11:31 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-26 09:38 - 2014-05-18 11:05 - 99004416 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-10-26 09:38 - 2014-05-18 11:05 - 00364544 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-10-26 09:38 - 2014-05-18 11:05 - 00061440 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-10-26 09:38 - 2014-05-18 11:05 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-10-26 09:38 - 2012-09-02 17:48 - 00000000 ____D () C:\Users\Kupec
2014-10-25 10:46 - 2014-06-13 11:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-23 07:16 - 2013-06-09 16:21 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 07:16 - 2013-06-09 16:21 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-21 18:15 - 2013-03-19 19:03 - 00146816 _____ () C:\Users\Kupec\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-21 18:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-20 13:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-20 08:14 - 2012-09-05 06:53 - 00000000 ____D () C:\Users\Kupec\AppData\Roaming\DAEMON Tools Lite
2014-10-19 16:10 - 2012-06-02 07:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-19 15:58 - 2012-06-02 08:07 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-10-19 15:58 - 2012-06-02 07:46 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-19 15:57 - 2014-02-19 13:20 - 00000000 ____D () C:\Fraps
2014-10-19 15:57 - 2012-06-02 08:39 - 00000000 ____D () C:\Program Files\Sony

Some content of TEMP:
====================
C:\Users\Kupec\AppData\Local\Temp\Quarantine.exe
C:\Users\Kupec\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-06 19:29




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:446.97 GB) (Free:297.69 GB) NTFS
Drive e: (FLASH DRIVE) (Removable) (Total:3.62 GB) (Free:3.46 GB) FAT32

Available physical RAM: 2489.9 MB
Total physical RAM: 4066.36 MB
Percentage of memory in use: 38%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6B85D3AF)
Partition 1: (Not Active) - (Size=18.4 GB) - (Type=27)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=447 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 3.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=3.6 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ac8a5d92c9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0007484681db4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cf8a5269751367.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cfeb0657b56637.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1d00074dc836c17.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001UA.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Opera scheduled Autoupdate 1416252720.job => C:\Program Files (x86)\Opera\launcher.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:638E6F6B

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kupec\Desktop" je 1261 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
  HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-12] (Valve Corporation)
  HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
  HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [Google Update] => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-02] (Google Inc.)
  HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  SearchScopes: HKU\S-1-5-21-3997636886-3835547035-627565907-1001 -> DefaultScope {9AEDA2C6-2D27-4E07-ADB1-5D1757BE7F77} URL = 
  SearchScopes: HKU\S-1-5-21-3997636886-3835547035-627565907-1001 -> {BE20EB80-9EC3-4962-8298-984BCC1285C6} URL = http://rover.ebay.com/rover/1/14361-113 ... h-Q212&kw={searchTerms}
  Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
  
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  
  S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
  S3 catchme; No ImagePath
  S3 EagleX64; No ImagePath
  S3 XFDriver64; No ImagePath
  S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
  
  C:\Program Files (x86)\IObit
  2014-11-18 12:17 - 2014-11-18 12:18 - 00020670 _____ () C:\Users\Kupec\Desktop\FRST.txt
  2014-11-18 12:16 - 2014-11-18 12:13 - 00112640 _____ (forum.viry.cz) C:\Users\Kupec\Desktop\FRSTLauncher (2).exe
  2014-11-18 12:02 - 2014-11-18 12:02 - 00001107 _____ () C:\Users\Kupec\Desktop\AdwCleaner[S1].txt
  2014-11-18 11:54 - 2014-11-18 11:55 - 00000000 ____D () C:\AdwCleaner
  2014-11-18 11:53 - 2014-11-18 11:53 - 02140160 _____ () C:\Users\Kupec\Desktop\adwcleaner_4.101.exe
  2014-11-18 11:44 - 2014-11-18 11:44 - 00011762 _____ () C:\Users\Kupec\Desktop\zoek-results.txt
  2014-11-18 11:34 - 2014-11-18 11:56 - 00013488 _____ () C:\Windows\PFRO.log
  2014-11-18 11:34 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-11-18 11:07 - 2014-11-18 11:39 - 00011762 _____ () C:\zoek-results.log
  2014-11-18 11:05 - 2014-11-18 11:27 - 00000000 ____D () C:\zoek_backup
  2014-11-18 10:41 - 2014-11-18 11:55 - 00000000 ____D () C:\Windows\system32\log
  2014-11-18 10:37 - 2014-11-18 11:59 - 00000168 _____ () C:\Windows\setupact.log
  2014-11-18 10:37 - 2014-11-18 10:37 - 00000000 _____ () C:\Windows\setuperr.log
  2014-11-17 21:47 - 2014-11-18 07:53 - 00000000 ___SD () C:\ComboFix
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ac8a5d92c9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0007484681db4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cf8a5269751367.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cfeb0657b56637.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1d00074dc836c17.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001UA.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\Opera scheduled Autoupdate 1416252720.job => C:\Program Files (x86)\Opera\launcher.exe
  
  AlternateDataStreams: C:\ProgramData\Temp:638E6F6B
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[kupecko]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-11-2014
Ran by Kupec at 2014-11-18 12:35:29 Run:1
Running from C:\Users\Kupec\Desktop
Loaded Profile: Kupec (Available profiles: Kupec)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-12] (Valve Corporation)
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\...\Run: [Google Update] => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-02] (Google Inc.)
HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3997636886-3835547035-627565907-1001 -> DefaultScope {9AEDA2C6-2D27-4E07-ADB1-5D1757BE7F77} URL =
SearchScopes: HKU\S-1-5-21-3997636886-3835547035-627565907-1001 -> {BE20EB80-9EC3-4962-8298-984BCC1285C6} URL = http://rover.ebay.com/rover/1/14361-113 ... h-Q212&kw={searchTerms}
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S3 catchme; No ImagePath
S3 EagleX64; No ImagePath
S3 XFDriver64; No ImagePath
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

C:\Program Files (x86)\IObit
2014-11-18 12:17 - 2014-11-18 12:18 - 00020670 _____ () C:\Users\Kupec\Desktop\FRST.txt
2014-11-18 12:16 - 2014-11-18 12:13 - 00112640 _____ (forum.viry.cz) C:\Users\Kupec\Desktop\FRSTLauncher (2).exe
2014-11-18 12:02 - 2014-11-18 12:02 - 00001107 _____ () C:\Users\Kupec\Desktop\AdwCleaner[S1].txt
2014-11-18 11:54 - 2014-11-18 11:55 - 00000000 ____D () C:\AdwCleaner
2014-11-18 11:53 - 2014-11-18 11:53 - 02140160 _____ () C:\Users\Kupec\Desktop\adwcleaner_4.101.exe
2014-11-18 11:44 - 2014-11-18 11:44 - 00011762 _____ () C:\Users\Kupec\Desktop\zoek-results.txt
2014-11-18 11:34 - 2014-11-18 11:56 - 00013488 _____ () C:\Windows\PFRO.log
2014-11-18 11:34 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-18 11:07 - 2014-11-18 11:39 - 00011762 _____ () C:\zoek-results.log
2014-11-18 11:05 - 2014-11-18 11:27 - 00000000 ____D () C:\zoek_backup
2014-11-18 10:41 - 2014-11-18 11:55 - 00000000 ____D () C:\Windows\system32\log
2014-11-18 10:37 - 2014-11-18 11:59 - 00000168 _____ () C:\Windows\setupact.log
2014-11-18 10:37 - 2014-11-18 10:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-17 21:47 - 2014-11-18 07:53 - 00000000 ___SD () C:\ComboFix

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ac8a5d92c9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0007484681db4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cf8a5269751367.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cfeb0657b56637.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1d00074dc836c17.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001UA.job => C:\Users\Kupec\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Opera scheduled Autoupdate 1416252720.job => C:\Program Files (x86)\Opera\launcher.exe

AlternateDataStreams: C:\ProgramData\Temp:638E6F6B

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveTypeAutoRun => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-3997636886-3835547035-627565907-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3997636886-3835547035-627565907-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BE20EB80-9EC3-4962-8298-984BCC1285C6}" => Key deleted successfully.
"HKCR\CLSID\{BE20EB80-9EC3-4962-8298-984BCC1285C6}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
LiveUpdateSvc => Service deleted successfully.
catchme => Service deleted successfully.
EagleX64 => Service deleted successfully.
XFDriver64 => Service deleted successfully.
WinRing0_1_2_0 => Service deleted successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.
"C:\Users\Kupec\Desktop\FRST.txt" => File/Directory not found.
"C:\Users\Kupec\Desktop\FRSTLauncher (2).exe" => File/Directory not found.
"C:\Users\Kupec\Desktop\AdwCleaner[S1].txt" => File/Directory not found.
C:\AdwCleaner => Moved successfully.
"C:\Users\Kupec\Desktop\adwcleaner_4.101.exe" => File/Directory not found.
"C:\Users\Kupec\Desktop\zoek-results.txt" => File/Directory not found.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Windows\system32\log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\ComboFix => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ac8a5d92c9.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0007484681db4.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cf8a5269751367.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1cfeb0657b56637.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001Core1d00074dc836c17.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997636886-3835547035-627565907-1001UA.job => Moved successfully.
C:\Windows\Tasks\Opera scheduled Autoupdate 1416252720.job => Moved successfully.
C:\ProgramData\Temp => ":638E6F6B" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 21.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[vyosek]

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[kupecko]

Stále když otevřu prohlížeč nefunguje. Když otevřu novou záložku sekne se celé PC.
Nefunguje ani Chrome, ani Opera. Když spustím jinou aplikaci, která potřebuje internet normálně net funguje a aplikace taky.. Např Steam. Prohlížeče prostě ne.