VIRY.CZ

Dobrý den,

prosím o kontrolu logu PC kolegyně. Včera a dnes jí MS Outlook odeslal sám cca 20.000 e-mailů na úplně cizí neznámé adresy.

přikládám logy co již jsem udělal:

1. MBAM
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2. 11. 2015
Scan Time: 11:08
Logfile: MBAM.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.09.22.05
Rootkit Database: v2015.09.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Richard

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 415296
Time Elapsed: 15 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 34
PUP.Optional.DefaultTab, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Quarantined, [866773bf93f8ce68946cbb2bce34e020],
PUP.Optional.DefaultTab, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Quarantined, [866773bf93f8ce68946cbb2bce34e020],
PUP.Optional.DefaultTab, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Quarantined, [866773bf93f8ce68946cbb2bce34e020],
PUP.Optional.MixiDJToolbar, HKLM\SOFTWARE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, Quarantined, [539a0b272863c76fdd1b8c5d897923dd],
PUP.Optional.MixiDJToolbar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, Quarantined, [539a0b272863c76fdd1b8c5d897923dd],
PUP.Optional.MixiDJToolbar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, Quarantined, [539a0b272863c76fdd1b8c5d897923dd],
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [1ad3c56d1b708caa01b96080e51d8878],
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [1ad3c56d1b708caa01b96080e51d8878],
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [1ad3c56d1b708caa01b96080e51d8878],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Quarantined, [e10c3200bad187af1f54e7c7ad557888],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [e10c3200bad187af1f54e7c7ad557888],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [e10c3200bad187af1f54e7c7ad557888],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [e10c3200bad187af1f54e7c7ad557888],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Quarantined, [e10c3200bad187af1f54e7c7ad557888],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Quarantined, [e10c3200bad187af1f54e7c7ad557888],
PUP.Optional.Babylon, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [db125fd34f3c989e761f8d57a35f54ac],
PUP.Optional.Babylon, HKU\S-1-5-21-2697576798-3047597159-1036163815-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, Quarantined, [db125fd34f3c989e761f8d57a35f54ac],
PUP.Optional.DefaultTab, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [ba3360d296f586b03ac76c7ab052c13f],
PUP.Optional.DefaultTab, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [ba3360d296f586b03ac76c7ab052c13f],
PUP.Optional.Iminent, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [f5f888aa08830c2afe21509748ba7c84],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [f5f888aa08830c2afe21509748ba7c84],
PUP.Optional.Iminent, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [f5f888aa08830c2afe21509748ba7c84],
PUP.Optional.DefaultTab, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, Quarantined, [a7461022cebd2115c14106e01de512ee],
PUP.Optional.DefaultTab, HKU\S-1-5-21-2697576798-3047597159-1036163815-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, Quarantined, [a7461022cebd2115c14106e01de512ee],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, Quarantined, [6c8134feadde75c134ea9b4c3cc6936d],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, Quarantined, [19d42b07d8b3fe386fb452956f93e11f],
PUP.Optional.WebCake, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, Quarantined, [c627052dcac150e664bc42851aea56aa],
PUP.Optional.PCKeeper, HKLM\SOFTWARE\KROMTECH\PCKeeper, Quarantined, [6687a1915b30db5b79b7268b5ca89e62],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\Iminent, Quarantined, [509d29097a11eb4b7af4c9d92fd5da26],
PUP.Optional.WebCake, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fjoijdanhaiflhibkljeklcghcmmfffh, Quarantined, [ac415ad82b606cca55d47354ab599c64],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, Quarantined, [35b82909296246f0008b1e151ee5b34d],
PUP.Optional.DefaultTab, HKU\S-1-5-18\SOFTWARE\Default tab, Quarantined, [688586acf497b97d17530a8c64a02cd4],
PUP.Optional.DefaultTab, HKU\S-1-5-18\SOFTWARE\DefaultTab, Quarantined, [e40920128b00c96d1556fb9b62a241bf],
PUP.Optional.DefaultTab, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, Quarantined, [ac41d75be5a6ab8b93d6dfb78a7ad32d],

Registry Values: 4
PUP.Optional.Iminent, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [f5f888aa08830c2afe21509748ba7c84],
PUP.Optional.Iminent, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [30bdc46eb2d948ee9c83a542e0226d93],
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2697576798-3047597159-1036163815-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://mixidj.delta-search.com/?q={sear ... 6&tsp=4949, Quarantined, [6e7f1e14e8a390a6b94a3e3b3cc80cf4]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2697576798-3047597159-1036163815-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://mixidj.delta-search.com/?q={sear ... 6&tsp=4949, Quarantined, [38b556dc06859d9955aedf9a4eb6867a]

Registry Data: 0
(No malicious items detected)

Folders: 11
PUP.Optional.MyPCBackup, C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup, Quarantined, [dd10b08294f779bd8d2de9c4699b2bd5],
PUP.Optional.WebCake, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}, Quarantined, [c627052dcac150e664bc42851aea56aa],
PUP.Optional.OpenCandy, C:\Users\Richard\AppData\Roaming\OpenCandy, Quarantined, [8469959dbccf7fb77e3af20a9b679967],
PUP.Optional.OpenCandy, C:\Users\Richard\AppData\Roaming\OpenCandy\5D93151059CA47F89553302DEA9F5823, Quarantined, [8469959dbccf7fb77e3af20a9b679967],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [d6176dc544473afc3074fe06b74c7090],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\Apps, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.Iminent, C:\Users\Richard\AppData\Roaming\IminentToolbar, Quarantined, [36b7a48e5e2d4aec469f13078e757a86],
PUP.Optional.Iminent, C:\Program Files (x86)\IminentToolbar, Quarantined, [d01d55dd6c1f0f27648e849655ae867a],
PUP.Optional.PCKeeper, C:\ProgramData\Kromtech\PCKeeper, Quarantined, [7677ec462f5c63d3bfc171b1c043f60a],

Files: 22
PUP.Optional.OpenCandy, C:\Users\Richard\AppData\Roaming\OpenCandy\5D93151059CA47F89553302DEA9F5823\LatestDLMgr.exe, Quarantined, [d01d46ecc4c755e19d1675495ca55fa1],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll, Quarantined, [b13ce052137882b4d564a63a35cb7888],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabStart.exe, Quarantined, [22cb87abb4d72412e950e8f8718f7888],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabStart64.exe, Quarantined, [feef70c28704fe38ba7fedf3b14f867a],
PUP.Optional.Iminent, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, Quarantined, [5994e54d7f0c51e582c6b1f15ba94db3],
PUP.Optional.MyPCBackup, C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\MyPC Backup.lnk, Quarantined, [dd10b08294f779bd8d2de9c4699b2bd5],
PUP.Optional.MyPCBackup, C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\Uninstall.lnk, Quarantined, [dd10b08294f779bd8d2de9c4699b2bd5],
PUP.Optional.WebCake, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico, Quarantined, [c627052dcac150e664bc42851aea56aa],
PUP.Optional.WebCake, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe, Quarantined, [c627052dcac150e664bc42851aea56aa],
PUP.Optional.WebCake, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll, Quarantined, [c627052dcac150e664bc42851aea56aa],
PUP.Optional.WebCake, C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll, Quarantined, [c627052dcac150e664bc42851aea56aa],
PUP.Optional.OpenCandy, C:\Users\Richard\AppData\Roaming\OpenCandy\5D93151059CA47F89553302DEA9F5823\TuneUpUtilities2013-2200319-p3v0.exe, Quarantined, [8469959dbccf7fb77e3af20a9b679967],
PUP.Optional.OpenCandy, C:\Users\Richard\AppData\Roaming\OpenCandy\5D93151059CA47F89553302DEA9F5823\TuneUpUtilities2013-2200319_en-US.exe, Quarantined, [8469959dbccf7fb77e3af20a9b679967],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\addon.ico, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.cfg, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabUninstaller.exe, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabWrap.dll, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabWrap64.dll, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DT.ico, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\searchhere.ico, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.DefaultTab, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\uninstalldt.exe, Quarantined, [eb02bd75eba0cb6ba81961b31fe4926e],
PUP.Optional.Iminent, C:\Users\Richard\AppData\Roaming\IminentToolbar\sqlite3.dll, Quarantined, [36b7a48e5e2d4aec469f13078e757a86],

Physical Sectors: 0
(No malicious items detected)


(end)

následovala instavace AVIRA a kompletní scan:
Avira Free Antivirus
Report file date: 2. novembra 2015 11:54


The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Professional
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Richard
Computer name : NBRICHARD

Version information:
BUILD.DAT : 15.0.8.658 91859 Bytes 4/9/2015 15:05:00
AVSCAN.EXE : 15.0.8.652 1014064 Bytes 11/2/2015 10:43:06
AVSCANRC.DLL : 15.0.8.652 54064 Bytes 4/9/2015 14:05:31
LUKE.DLL : 15.0.8.652 60664 Bytes 4/9/2015 14:05:37
AVSCPLR.DLL : 15.0.8.652 93488 Bytes 4/9/2015 14:05:31
REPAIR.DLL : 15.0.8.652 365360 Bytes 4/9/2015 14:05:30
REPAIR.RDF : 1.0.6.96 831229 Bytes 4/9/2015 14:05:46
AVREG.DLL : 15.0.8.652 265464 Bytes 4/9/2015 14:05:30
AVLODE.DLL : 15.0.8.656 645368 Bytes 4/9/2015 14:05:29
AVLODE.RDF : 14.0.4.60 79192 Bytes 4/9/2015 14:05:29
XBV00018.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00019.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00020.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00021.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00022.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00023.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00024.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00025.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00026.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00027.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00028.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00029.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00030.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00031.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00032.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00033.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00034.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00035.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00036.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00037.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00038.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00039.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00040.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00041.VDF : 8.11.165.190 2048 Bytes 8/7/2014 14:05:46
XBV00161.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00162.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00163.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00164.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00165.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00166.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00167.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00168.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00169.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00170.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00171.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00172.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00173.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00174.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00175.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00176.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00177.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00178.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00179.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00180.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00181.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00182.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00183.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00184.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00185.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00186.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00187.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00188.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00189.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00190.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00191.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00192.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00193.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00194.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00195.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00196.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00197.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00198.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00199.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00200.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00201.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00202.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00203.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00204.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00205.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00206.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00207.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00208.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00209.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00210.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00211.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00212.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00213.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00214.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00215.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00216.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00217.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00218.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00219.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00220.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00221.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00222.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00223.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00224.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00225.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00226.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00227.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00228.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00229.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00230.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00231.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00232.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00233.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00234.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00235.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00236.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00237.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00238.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00239.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00240.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00241.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00242.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00243.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00244.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00245.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00246.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00247.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00248.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00249.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00250.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00251.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00252.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00253.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00254.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00255.VDF : 8.11.219.166 2048 Bytes 3/25/2015 14:05:46
XBV00000.VDF : 7.11.70.0 66736640 Bytes 4/4/2013 14:05:46
XBV00001.VDF : 7.11.74.226 2201600 Bytes 4/30/2013 14:05:46
XBV00002.VDF : 7.11.80.60 2751488 Bytes 5/28/2013 14:05:46
XBV00003.VDF : 7.11.85.214 2162688 Bytes 6/21/2013 14:05:46
XBV00004.VDF : 7.11.91.176 3903488 Bytes 7/23/2013 14:05:46
XBV00005.VDF : 7.11.98.186 6822912 Bytes 8/29/2013 14:05:46
XBV00006.VDF : 7.11.139.38 15708672 Bytes 3/27/2014 14:05:46
XBV00007.VDF : 7.11.152.100 4193792 Bytes 6/2/2014 14:05:46
XBV00008.VDF : 8.11.165.192 4251136 Bytes 8/7/2014 14:05:46
XBV00009.VDF : 8.11.172.30 2094080 Bytes 9/15/2014 14:05:46
XBV00010.VDF : 8.11.178.32 1581056 Bytes 10/14/2014 14:05:46
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11/11/2014 14:05:46
XBV00012.VDF : 8.11.190.32 1876992 Bytes 12/3/2014 14:05:46
XBV00013.VDF : 8.11.201.28 2973696 Bytes 1/14/2015 14:05:46
XBV00014.VDF : 8.11.206.252 2695680 Bytes 2/4/2015 14:05:46
XBV00015.VDF : 8.11.213.84 3175936 Bytes 3/3/2015 14:05:46
XBV00016.VDF : 8.11.213.176 212480 Bytes 3/5/2015 14:05:46
XBV00017.VDF : 8.11.219.166 2033664 Bytes 3/25/2015 14:05:46
XBV00042.VDF : 8.11.219.194 36864 Bytes 3/25/2015 14:05:46
XBV00043.VDF : 8.11.219.218 7168 Bytes 3/25/2015 14:05:46
XBV00044.VDF : 8.11.219.242 6144 Bytes 3/25/2015 14:05:46
XBV00045.VDF : 8.11.219.244 7680 Bytes 3/25/2015 14:05:46
XBV00046.VDF : 8.11.219.246 5632 Bytes 3/26/2015 14:05:46
XBV00047.VDF : 8.11.219.250 38400 Bytes 3/26/2015 14:05:46
XBV00048.VDF : 8.11.219.252 14336 Bytes 3/26/2015 14:05:46
XBV00049.VDF : 8.11.219.254 18432 Bytes 3/26/2015 14:05:46
XBV00050.VDF : 8.11.220.0 7680 Bytes 3/26/2015 14:05:46
XBV00051.VDF : 8.11.220.2 10240 Bytes 3/26/2015 14:05:46
XBV00052.VDF : 8.11.220.6 2048 Bytes 3/26/2015 14:05:46
XBV00053.VDF : 8.11.220.8 2560 Bytes 3/26/2015 14:05:46
XBV00054.VDF : 8.11.220.10 17408 Bytes 3/26/2015 14:05:46
XBV00055.VDF : 8.11.220.12 2048 Bytes 3/26/2015 14:05:46
XBV00056.VDF : 8.11.220.16 23040 Bytes 3/26/2015 14:05:46
XBV00057.VDF : 8.11.220.18 8704 Bytes 3/26/2015 14:05:46
XBV00058.VDF : 8.11.220.22 30720 Bytes 3/27/2015 14:05:46
XBV00059.VDF : 8.11.220.24 6144 Bytes 3/27/2015 14:05:46
XBV00060.VDF : 8.11.220.26 2048 Bytes 3/27/2015 14:05:46
XBV00061.VDF : 8.11.220.48 9728 Bytes 3/27/2015 14:05:46
XBV00062.VDF : 8.11.220.68 14848 Bytes 3/27/2015 14:05:46
XBV00063.VDF : 8.11.220.88 23552 Bytes 3/27/2015 14:05:46
XBV00064.VDF : 8.11.220.108 9216 Bytes 3/27/2015 14:05:46
XBV00065.VDF : 8.11.220.110 15360 Bytes 3/27/2015 14:05:46
XBV00066.VDF : 8.11.220.116 27648 Bytes 3/27/2015 14:05:46
XBV00067.VDF : 8.11.220.118 10752 Bytes 3/27/2015 14:05:46
XBV00068.VDF : 8.11.220.120 6144 Bytes 3/27/2015 14:05:46
XBV00069.VDF : 8.11.220.122 62976 Bytes 3/28/2015 14:05:46
XBV00070.VDF : 8.11.220.124 2048 Bytes 3/28/2015 14:05:46
XBV00071.VDF : 8.11.220.126 9728 Bytes 3/28/2015 14:05:46
XBV00072.VDF : 8.11.220.128 20992 Bytes 3/28/2015 14:05:46
XBV00073.VDF : 8.11.220.148 54784 Bytes 3/29/2015 14:05:46
XBV00074.VDF : 8.11.220.176 7680 Bytes 3/29/2015 14:05:46
XBV00075.VDF : 8.11.220.196 32768 Bytes 3/30/2015 14:05:46
XBV00076.VDF : 8.11.220.216 2048 Bytes 3/30/2015 14:05:46
XBV00077.VDF : 8.11.220.236 9728 Bytes 3/30/2015 14:05:46
XBV00078.VDF : 8.11.220.238 15360 Bytes 3/30/2015 14:05:46
XBV00079.VDF : 8.11.220.240 9216 Bytes 3/30/2015 14:05:46
XBV00080.VDF : 8.11.220.242 4608 Bytes 3/30/2015 14:05:46
XBV00081.VDF : 8.11.220.248 58368 Bytes 3/30/2015 14:05:46
XBV00082.VDF : 8.11.220.250 2048 Bytes 3/30/2015 14:05:46
XBV00083.VDF : 8.11.220.252 2048 Bytes 3/30/2015 14:05:46
XBV00084.VDF : 8.11.220.254 39424 Bytes 3/31/2015 14:05:46
XBV00085.VDF : 8.11.221.0 2048 Bytes 3/31/2015 14:05:46
XBV00086.VDF : 8.11.221.6 40960 Bytes 3/31/2015 14:05:46
XBV00087.VDF : 8.11.221.8 2048 Bytes 3/31/2015 14:05:46
XBV00088.VDF : 8.11.221.10 16896 Bytes 3/31/2015 14:05:46
XBV00089.VDF : 8.11.221.30 10240 Bytes 3/31/2015 14:05:46
XBV00090.VDF : 8.11.221.48 29184 Bytes 3/31/2015 14:05:46
XBV00091.VDF : 8.11.221.50 2048 Bytes 3/31/2015 14:05:46
XBV00092.VDF : 8.11.221.70 27648 Bytes 3/31/2015 14:05:46
XBV00093.VDF : 8.11.221.88 3584 Bytes 3/31/2015 14:05:46
XBV00094.VDF : 8.11.221.90 32256 Bytes 3/31/2015 14:05:46
XBV00095.VDF : 8.11.221.94 34816 Bytes 4/1/2015 14:05:46
XBV00096.VDF : 8.11.221.96 8704 Bytes 4/1/2015 14:05:46
XBV00097.VDF : 8.11.221.100 8704 Bytes 4/1/2015 14:05:46
XBV00098.VDF : 8.11.221.102 7680 Bytes 4/1/2015 14:05:46
XBV00099.VDF : 8.11.221.106 39936 Bytes 4/1/2015 14:05:46
XBV00100.VDF : 8.11.221.124 8704 Bytes 4/1/2015 14:05:46
XBV00101.VDF : 8.11.221.142 12288 Bytes 4/1/2015 14:05:46
XBV00102.VDF : 8.11.221.160 7168 Bytes 4/1/2015 14:05:46
XBV00103.VDF : 8.11.221.178 7168 Bytes 4/1/2015 14:05:46
XBV00104.VDF : 8.11.221.196 8192 Bytes 4/1/2015 14:05:46
XBV00105.VDF : 8.11.221.200 33280 Bytes 4/2/2015 14:05:46
XBV00106.VDF : 8.11.221.202 2048 Bytes 4/2/2015 14:05:46
XBV00107.VDF : 8.11.221.204 28160 Bytes 4/2/2015 14:05:46
XBV00108.VDF : 8.11.221.206 2048 Bytes 4/2/2015 14:05:46
XBV00109.VDF : 8.11.221.208 33792 Bytes 4/2/2015 14:05:46
XBV00110.VDF : 8.11.221.210 24576 Bytes 4/2/2015 14:05:46
XBV00111.VDF : 8.11.221.214 18944 Bytes 4/2/2015 14:05:46
XBV00112.VDF : 8.11.221.216 11264 Bytes 4/2/2015 14:05:46
XBV00113.VDF : 8.11.221.220 29696 Bytes 4/3/2015 14:05:46
XBV00114.VDF : 8.11.221.222 2048 Bytes 4/3/2015 14:05:46
XBV00115.VDF : 8.11.221.224 31232 Bytes 4/3/2015 14:05:46
XBV00116.VDF : 8.11.221.242 3584 Bytes 4/3/2015 14:05:46
XBV00117.VDF : 8.11.222.2 11776 Bytes 4/3/2015 14:05:46
XBV00118.VDF : 8.11.222.18 7168 Bytes 4/3/2015 14:05:46
XBV00119.VDF : 8.11.222.34 6656 Bytes 4/3/2015 14:05:46
XBV00120.VDF : 8.11.222.38 15360 Bytes 4/3/2015 14:05:46
XBV00121.VDF : 8.11.222.40 5632 Bytes 4/3/2015 14:05:46
XBV00122.VDF : 8.11.222.42 6144 Bytes 4/3/2015 14:05:46
XBV00123.VDF : 8.11.222.44 46592 Bytes 4/4/2015 14:05:46
XBV00124.VDF : 8.11.222.46 2048 Bytes 4/4/2015 14:05:46
XBV00125.VDF : 8.11.222.48 2048 Bytes 4/4/2015 14:05:46
XBV00126.VDF : 8.11.222.50 36864 Bytes 4/4/2015 14:05:46
XBV00127.VDF : 8.11.222.52 2048 Bytes 4/4/2015 14:05:46
XBV00128.VDF : 8.11.222.68 68096 Bytes 4/5/2015 14:05:46
XBV00129.VDF : 8.11.222.84 2048 Bytes 4/5/2015 14:05:46
XBV00130.VDF : 8.11.222.116 18432 Bytes 4/5/2015 14:05:46
XBV00131.VDF : 8.11.222.132 62464 Bytes 4/6/2015 14:05:46
XBV00132.VDF : 8.11.222.134 10752 Bytes 4/6/2015 14:05:46
XBV00133.VDF : 8.11.222.138 2048 Bytes 4/6/2015 14:05:46
XBV00134.VDF : 8.11.222.154 13312 Bytes 4/6/2015 14:05:46
XBV00135.VDF : 8.11.222.156 8704 Bytes 4/6/2015 14:05:46
XBV00136.VDF : 8.11.222.158 9216 Bytes 4/6/2015 14:05:46
XBV00137.VDF : 8.11.222.160 2048 Bytes 4/6/2015 14:05:46
XBV00138.VDF : 8.11.222.164 18432 Bytes 4/6/2015 14:05:46
XBV00139.VDF : 8.11.222.166 10752 Bytes 4/6/2015 14:05:46
XBV00140.VDF : 8.11.222.182 7168 Bytes 4/6/2015 14:05:46
XBV00141.VDF : 8.11.222.196 8704 Bytes 4/7/2015 14:05:46
XBV00142.VDF : 8.11.222.212 29696 Bytes 4/7/2015 14:05:46
XBV00143.VDF : 8.11.222.226 6656 Bytes 4/7/2015 14:05:46
XBV00144.VDF : 8.11.222.228 10752 Bytes 4/7/2015 14:05:46
XBV00145.VDF : 8.11.222.230 4096 Bytes 4/7/2015 14:05:46
XBV00146.VDF : 8.11.222.232 5120 Bytes 4/7/2015 14:05:46
XBV00147.VDF : 8.11.222.234 5632 Bytes 4/7/2015 14:05:46
XBV00148.VDF : 8.11.222.240 34816 Bytes 4/7/2015 14:05:46
XBV00149.VDF : 8.11.222.242 2048 Bytes 4/7/2015 14:05:46
XBV00150.VDF : 8.11.222.244 3584 Bytes 4/7/2015 14:05:46
XBV00151.VDF : 8.11.222.246 24576 Bytes 4/7/2015 14:05:46
XBV00152.VDF : 8.11.222.250 37888 Bytes 4/8/2015 14:05:46
XBV00153.VDF : 8.11.223.8 12800 Bytes 4/8/2015 14:05:46
XBV00154.VDF : 8.11.223.22 2048 Bytes 4/8/2015 14:05:46
XBV00155.VDF : 8.11.223.36 10752 Bytes 4/8/2015 14:05:46
XBV00156.VDF : 8.11.223.52 35328 Bytes 4/8/2015 14:05:46
XBV00157.VDF : 8.11.223.66 7168 Bytes 4/8/2015 14:05:46
XBV00158.VDF : 8.11.223.68 2048 Bytes 4/8/2015 14:05:46
XBV00159.VDF : 8.11.223.72 15360 Bytes 4/8/2015 14:05:46
XBV00160.VDF : 8.11.223.74 7168 Bytes 4/9/2015 14:05:46
LOCAL000.VDF : 8.11.223.74 126684672 Bytes 4/9/2015 10:45:18
Engine version : 8.3.30.10
AEVDF.DLL : 8.3.1.6 133992 Bytes 4/9/2015 14:05:27
AESCRIPT.DLL : 8.2.2.58 560248 Bytes 4/9/2015 14:05:27
AESCN.DLL : 8.3.2.2 139456 Bytes 4/9/2015 14:05:27
AESBX.DLL : 8.2.20.34 1615784 Bytes 4/9/2015 14:05:27
AERDL.DLL : 8.2.1.20 731040 Bytes 4/9/2015 14:05:27
AEPACK.DLL : 8.4.0.62 793456 Bytes 4/9/2015 14:05:27
AEOFFICE.DLL : 8.3.1.16 359280 Bytes 4/9/2015 14:05:27
AEMOBILE.DLL : 8.1.7.0 281456 Bytes 4/9/2015 14:05:27
AEHEUR.DLL : 8.1.4.1612 8244344 Bytes 4/9/2015 14:05:27
AEHELP.DLL : 8.3.2.0 281456 Bytes 4/9/2015 14:05:27
AEGEN.DLL : 8.1.7.40 456608 Bytes 4/9/2015 14:05:27
AEEXP.DLL : 8.4.2.70 255904 Bytes 4/9/2015 14:05:27
AEEMU.DLL : 8.1.3.4 399264 Bytes 4/9/2015 14:05:27
AEDROID.DLL : 8.4.3.116 1050536 Bytes 4/9/2015 14:05:27
AECORE.DLL : 8.3.4.0 243624 Bytes 4/9/2015 14:05:27
AEBB.DLL : 8.1.2.0 60448 Bytes 4/9/2015 14:05:27
AVWINLL.DLL : 15.0.8.652 25904 Bytes 4/9/2015 14:05:31
AVPREF.DLL : 15.0.8.652 53248 Bytes 4/9/2015 14:05:30
AVREP.DLL : 15.0.8.652 221432 Bytes 4/9/2015 14:05:30
AVARKT.DLL : 15.0.8.652 228088 Bytes 4/9/2015 14:05:28
AVEVTLOG.DLL : 15.0.8.652 183600 Bytes 4/9/2015 14:05:28
SQLITE3.DLL : 15.0.8.652 456440 Bytes 4/9/2015 14:05:39
AVSMTP.DLL : 15.0.8.652 79360 Bytes 4/9/2015 14:05:31
NETNT.DLL : 15.0.8.652 17352 Bytes 4/9/2015 14:05:37
RCIMAGE.DLL : 15.0.8.652 4865328 Bytes 4/9/2015 14:05:38
RCTEXT.DLL : 15.0.8.652 76744 Bytes 4/9/2015 14:05:38

Configuration settings for the scan:
Jobname.............................: Local Drives
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\alldrives.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: 2. novembra 2015 11:54

Start scanning boot sectors:
Boot sector 'HDD0(C:)'
[INFO] No virus was found!

The scan of running processes will be started:
Scan process 'svchost.exe' - '57' Module(s) have been scanned
Scan process 'launcher_service.exe' - '38' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'cmdagent.exe' - '106' Module(s) have been scanned
Scan process 'svchost.exe' - '83' Module(s) have been scanned
Scan process 'svchost.exe' - '81' Module(s) have been scanned
Scan process 'svchost.exe' - '113' Module(s) have been scanned
Scan process 'svchost.exe' - '82' Module(s) have been scanned
Scan process 'svchost.exe' - '172' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'WLANExt.exe' - '83' Module(s) have been scanned
Scan process 'conhost.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '71' Module(s) have been scanned
Scan process 'spoolsv.exe' - '95' Module(s) have been scanned
Scan process 'taskhost.exe' - '61' Module(s) have been scanned
Scan process 'btwdins.exe' - '37' Module(s) have been scanned
Scan process 'chromodo_updater.exe' - '64' Module(s) have been scanned
Scan process 'Dwm.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'dtsrvc.exe' - '30' Module(s) have been scanned
Scan process 'GeekBuddyRSP.exe' - '46' Module(s) have been scanned
Scan process 'taskeng.exe' - '32' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '64' Module(s) have been scanned
Scan process 'taskeng.exe' - '34' Module(s) have been scanned
Scan process 'taskeng.exe' - '34' Module(s) have been scanned
Scan process 'AccountService.exe' - '93' Module(s) have been scanned
Scan process 'LMS.exe' - '38' Module(s) have been scanned
Scan process 'Explorer.EXE' - '170' Module(s) have been scanned
Scan process 'cistray.exe' - '60' Module(s) have been scanned
Scan process 'SPMgr.exe' - '62' Module(s) have been scanned
Scan process 'pdisrvc.exe' - '36' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '58' Module(s) have been scanned
Scan process 'EvtEng.exe' - '70' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '21' Module(s) have been scanned
Scan process 'unsecapp.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '51' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '58' Module(s) have been scanned
Scan process 'GWX.exe' - '41' Module(s) have been scanned
Scan process 'iFrmewrk.exe' - '75' Module(s) have been scanned
Scan process 'igfxpers.exe' - '52' Module(s) have been scanned
Scan process 'igfxtray.exe' - '33' Module(s) have been scanned
Scan process 'hkcmd.exe' - '32' Module(s) have been scanned
Scan process 'flux.exe' - '86' Module(s) have been scanned
Scan process 'cavwp.exe' - '50' Module(s) have been scanned
Scan process 'unsecapp.exe' - '33' Module(s) have been scanned
Scan process 'esrv_svc.exe' - '27' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'cis.exe' - '74' Module(s) have been scanned
Scan process 'VAIOUpdt.exe' - '55' Module(s) have been scanned
Scan process 'vuagent.exe' - '40' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '53' Module(s) have been scanned
Scan process 'UNS.exe' - '62' Module(s) have been scanned
Scan process 'SPMService.exe' - '59' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '52' Module(s) have been scanned
Scan process 'VCSystemTray.exe' - '173' Module(s) have been scanned
Scan process 'VCService.exe' - '39' Module(s) have been scanned
Scan process 'VCAgent.exe' - '188' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '64' Module(s) have been scanned
Scan process 'avgnt.exe' - '104' Module(s) have been scanned
Scan process 'avguard.exe' - '135' Module(s) have been scanned
Scan process 'avshadow.exe' - '34' Module(s) have been scanned
Scan process 'sched.exe' - '66' Module(s) have been scanned
Scan process 'msiexec.exe' - '58' Module(s) have been scanned
Scan process 'taskhost.exe' - '36' Module(s) have been scanned
Scan process 'Avira.OE.ServiceHost.exe' - '128' Module(s) have been scanned
Scan process 'Avira.OE.Systray.exe' - '121' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'avcenter.exe' - '146' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '33' Module(s) have been scanned
Scan process 'avscan.exe' - '114' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '19' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '19' Module(s) have been scanned
Scan process 'services.exe' - '39' Module(s) have been scanned
Scan process 'lsass.exe' - '77' Module(s) have been scanned
Scan process 'lsm.exe' - '28' Module(s) have been scanned
Scan process 'winlogon.exe' - '36' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '3798' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\ProgramData\dtdata\R002.exe
[DETECTION] Contains patterns of software PUA/DefaultTab.196608.2
Begin scan in 'E:\' <Princess>

Beginning disinfection:
C:\ProgramData\dtdata\R002.exe
[DETECTION] Contains patterns of software PUA/DefaultTab.196608.2
[NOTE] The file was moved to the quarantine directory under the name '5013f5ec.qua'!


End of the scan: 2. novembra 2015 13:25
Used time: 1:30:18 Hour(s)

The scan has been done completely.

36470 Scanned directories
753032 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
753031 Files not concerned
10359 Archives were scanned
0 Warnings
1 Notes

poté ADWCleaner
# AdwCleaner v5.016 - Logfile created 02/11/2015 at 13:38:59
# Updated 01/11/2015 by Xplode
# Database : 2015-11-01.2 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Richard - NBRICHARD
# Running from : C:\Users\Richard\Desktop\adwcleaner_5.016.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Kromtech
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\Tarma Installer
[-] Folder Deleted : C:\ProgramData\dtdata
[-] Folder Deleted : C:\ProgramData\Kromtech
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player
[-] Folder Deleted : C:\Users\Richard\AppData\Local\Rich Media Player
[-] Folder Deleted : C:\Users\Richard\AppData\LocalLow\IminentToolbar
[-] Folder Deleted : C:\Users\Richard\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\PackageAware

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : DefaultCheck
[-] Task Deleted : DefaultReg

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : HKU\.DEFAULT\Software\VNT
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKLM\SOFTWARE\GeekBuddyRSP
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sl-dlc
[-] Key Deleted : [x64] HKLM\SOFTWARE\Kromtech

***** [ Web browsers ] *****

[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : swish.en.softonic.com

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3736 bytes] ##########

pak následoval RogueKiller:
RogueKiller V10.11.4.0 [Nov 2 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Richard [Administrator]
Started from : C:\Users\Richard\Desktop\RogueKiller.exe
Mode : Delete -- Date : 11/02/2015 14:18:42

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 11 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\KromtechAccountService ("C:\Program Files\Kromtech\Common\AccountService.exe") -> Deleted
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KromtechAccountService ("C:\Program Files\Kromtech\Common\AccountService.exe") -> Deleted
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\KromtechAccountService ("C:\Program Files\Kromtech\Common\AccountService.exe") -> Deleted
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{811146CE-350F-4163-A078-78B21742B62E} | DhcpNameServer : 217.77.165.81 217.77.161.131 ([X][X]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DEB75603-BAEF-42C2-9C62-F22FF89827B3} | DhcpNameServer : 10.0.0.15 10.0.0.138 ([X][X]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{811146CE-350F-4163-A078-78B21742B62E} | DhcpNameServer : 217.77.165.81 217.77.161.131 ([X][X]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DEB75603-BAEF-42C2-9C62-F22FF89827B3} | DhcpNameServer : 10.0.0.15 10.0.0.138 ([X][X]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{811146CE-350F-4163-A078-78B21742B62E} | DhcpNameServer : 217.77.165.81 217.77.161.131 ([X][X]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{DEB75603-BAEF-42C2-9C62-F22FF89827B3} | DhcpNameServer : 10.0.0.15 10.0.0.138 ([X][X]) -> Replaced ()
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2697576798-3047597159-1036163815-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2697576798-3047597159-1036163815-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 1 ¤¤¤
[PUP][Folder] C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} -> Deleted
[PUP][File] C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi -> Deleted

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 624e722d5d2358e9be30290149d0b09f
[BSP] fde85cc8f7798e7b5e4a766cd45a535c : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 12029 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 24637440 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 24842240 | Size: 598349 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 4997e18ca45e5487d109d2c61ef9564d
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 7381 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )


Děkuji

a nakonec RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Richard at 2015-11-02 14:20:29
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 405 GB (68%) free of 598 GB
Total RAM: 3767 MB (45% free)

HijackThis download failed

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a0942e64-9dc4-4c1a-ae8c-991e352bec36 -SystemEventPortName:HostProcess-16ef7d0c-95fe-4f26-9eb3-a943c6492529 -IoCancelEventPortName:HostProcess-d86837aa-5aef-4d3f-8c58-8750b389891f -NonStateChangingEventPortName:HostProcess-6507e0f7-927b-426e-95ef-1549b69bcce1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:458db900-5b9e-4663-bcac-656af095f275 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 29594560
\??\C:\Windows\system32\conhost.exe "-595459041982195843713156048119025711152242296-1531512297-911241926-1414115981
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
taskeng.exe {05A12710-6EB4-4998-A849-FF7265B8261F}
taskeng.exe {2742A050-CE1C-487A-A8D8-34948E821606}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {21A02F25-E6EA-426E-85EF-79520776F7F5}
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2312
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000093c
"C:\Users\Richard\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe" "--run_as_user_process"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e395b56d-d9ac-49e6-b76f-9ce9e5122764 -SystemEventPortName:HostProcess-f9fc10ac-0326-4870-b0c1-be84977d4070 -IoCancelEventPortName:HostProcess-026b6bb7-dad1-4820-9eef-6e41bae2a98b -NonStateChangingEventPortName:HostProcess-5a7a6c4d-7bf3-4c31-915c-2ac00ddf0c09 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:093d287c-473e-47d4-9cc9-5588ef98be7c -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\Windows\system32\wbem\wmiprvse.exe

"C:\Users\Richard\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-07-19 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2013-07-19 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-07-19 1931024]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-01-08 418440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-01-08 169096]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-01-08 393864]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-06-05 1427648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Richard\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-10-21 36711472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DT BEN]
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [2014-04-04 122384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HW_OPENEYE_OUC_Mobile Card]
C:\Program Files\Mobile Card\UpdateDog\ouc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2013-06-18 112424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-05-27 10135584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-28 2057000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2015-06-29 2327248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2010-06-09 1128224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk]
C:\PROGRA~1\COMODO\GEEKBU~1\launcher.exe [2015-06-29 48832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-10-21 36711472]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-11-02 704512]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-11-02 126712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-01-08 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-11-02 14:20:45 ----D---- C:\Program Files\trend micro
2015-11-02 14:20:29 ----D---- C:\rsit
2015-11-02 13:47:55 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-11-02 13:47:53 ----D---- C:\ProgramData\RogueKiller
2015-11-02 13:41:39 ----D---- C:\ProgramData\Kromtech
2015-11-02 13:32:50 ----D---- C:\AdwCleaner
2015-11-02 11:45:55 ----D---- C:\ProgramData\Package Cache
2015-11-02 11:45:50 ----D---- C:\Users\Richard\AppData\Roaming\Avira
2015-11-02 11:44:42 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-11-02 11:44:42 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-11-02 11:44:42 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-11-02 11:44:41 ----D---- C:\ProgramData\Avira
2015-11-02 11:44:41 ----D---- C:\Program Files (x86)\Avira
2015-11-02 11:07:52 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-11-02 11:07:36 ----D---- C:\ProgramData\Malwarebytes
2015-11-02 11:07:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-02 11:07:36 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-11-02 11:07:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-11-02 11:07:36 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-11-02 10:59:24 ----D---- C:\ProgramData\MFAData
2015-11-02 10:28:36 ----D---- C:\Program Files\Bitdefender
2015-11-02 10:27:47 ----D---- C:\Users\Richard\AppData\Roaming\QuickScan
2015-10-18 14:12:52 ----A---- C:\Windows\system32\drivers\semav6msr64.sys
2015-10-18 14:12:47 ----A---- C:\Windows\SYSWOW64\mfc45.dll
2015-10-18 14:12:46 ----D---- C:\Users\Richard\AppData\Roaming\iolo
2015-10-18 14:12:46 ----D---- C:\ProgramData\iolo
2015-10-18 14:12:46 ----A---- C:\Windows\system32\iolorgdf64.exe
2015-10-16 20:51:10 ----HD---- C:\$Windows.~BT
2015-10-15 14:50:31 ----A---- C:\Windows\system32\shell32.dll
2015-10-15 14:50:30 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-15 14:50:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-15 14:50:29 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-15 14:50:13 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-15 14:50:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-15 14:50:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-15 14:50:12 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-15 14:50:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-15 14:50:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-15 14:50:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-15 14:50:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-15 14:50:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-15 14:50:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-15 14:50:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-15 14:50:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-15 14:50:11 ----A---- C:\Windows\system32\iernonce.dll
2015-10-15 14:50:11 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-15 14:50:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-15 14:50:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-15 14:50:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-15 14:50:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-15 14:50:09 ----A---- C:\Windows\system32\occache.dll
2015-10-15 14:50:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-15 14:50:08 ----A---- C:\Windows\system32\urlmon.dll
2015-10-15 14:50:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-15 14:50:08 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-15 14:50:07 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-15 14:50:07 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-15 14:50:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-15 14:50:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-15 14:50:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-15 14:50:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-15 14:50:07 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-15 14:50:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-15 14:50:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-15 14:50:06 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-15 14:50:05 ----A---- C:\Windows\system32\iesetup.dll
2015-10-15 14:50:05 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-15 14:50:04 ----A---- C:\Windows\system32\iertutil.dll
2015-10-15 14:50:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-15 14:50:03 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-15 14:50:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-15 14:50:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-15 14:50:03 ----A---- C:\Windows\system32\vbscript.dll
2015-10-15 14:50:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-15 14:50:01 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-15 14:50:01 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-15 14:49:59 ----A---- C:\Windows\system32\ieui.dll
2015-10-15 14:49:59 ----A---- C:\Windows\system32\ieframe.dll
2015-10-15 14:49:59 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-15 14:49:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-15 14:49:58 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-15 14:49:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-15 14:49:57 ----A---- C:\Windows\system32\webcheck.dll
2015-10-15 14:49:57 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-15 14:49:57 ----A---- C:\Windows\system32\jscript9.dll
2015-10-15 14:49:57 ----A---- C:\Windows\system32\jscript.dll
2015-10-15 14:49:56 ----A---- C:\Windows\system32\wininet.dll
2015-10-15 14:49:55 ----A---- C:\Windows\system32\msrating.dll
2015-10-15 14:49:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-15 14:49:55 ----A---- C:\Windows\system32\mshtml.dll
2015-10-15 14:48:05 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-15 14:48:05 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-15 14:48:05 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-15 14:48:05 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-15 14:48:05 ----A---- C:\Windows\system32\wudriver.dll
2015-10-15 14:48:05 ----A---- C:\Windows\system32\wucltux.dll
2015-10-15 14:48:05 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-15 14:48:05 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-15 14:48:05 ----A---- C:\Windows\system32\wuapi.dll
2015-10-15 14:48:05 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-15 14:48:04 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-15 14:48:04 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-15 14:48:04 ----A---- C:\Windows\system32\wups2.dll
2015-10-15 14:48:04 ----A---- C:\Windows\system32\wups.dll
2015-10-15 14:48:04 ----A---- C:\Windows\system32\wuapp.exe
2015-10-15 14:48:04 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-15 14:44:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-15 14:44:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-15 14:44:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-15 14:44:02 ----A---- C:\Windows\system32\kernel32.dll
2015-10-15 14:44:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-15 14:44:02 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-15 14:44:01 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-15 14:44:01 ----A---- C:\Windows\system32\ntdll.dll
2015-10-15 14:44:01 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-15 14:44:01 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-15 14:43:59 ----A---- C:\Windows\system32\wow64.dll
2015-10-15 14:43:59 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-15 14:43:59 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-15 14:43:59 ----A---- C:\Windows\system32\conhost.exe
2015-10-15 14:43:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-15 14:43:58 ----A---- C:\Windows\system32\winsrv.dll
2015-10-15 14:43:58 ----A---- C:\Windows\system32\srcore.dll
2015-10-15 14:43:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-15 14:43:57 ----A---- C:\Windows\system32\schannel.dll
2015-10-15 14:43:57 ----A---- C:\Windows\system32\rstrui.exe
2015-10-15 14:43:57 ----A---- C:\Windows\system32\kerberos.dll
2015-10-15 14:43:56 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-15 14:43:56 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-15 14:43:55 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-15 14:43:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-15 14:43:55 ----A---- C:\Windows\system32\wdigest.dll
2015-10-15 14:43:55 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-15 14:43:55 ----A---- C:\Windows\system32\sspicli.dll
2015-10-15 14:43:55 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-15 14:43:55 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-15 14:43:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-15 14:43:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-15 14:43:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-15 14:43:54 ----A---- C:\Windows\system32\smss.exe
2015-10-15 14:43:54 ----A---- C:\Windows\system32\lsass.exe
2015-10-15 14:43:54 ----A---- C:\Windows\system32\auditpol.exe
2015-10-15 14:43:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-15 14:43:53 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-15 14:43:53 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-15 14:43:53 ----A---- C:\Windows\system32\srclient.dll
2015-10-15 14:43:53 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-15 14:43:53 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-15 14:43:53 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-15 14:43:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-15 14:43:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-15 14:43:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-15 14:43:52 ----A---- C:\Windows\system32\wow64win.dll
2015-10-15 14:43:52 ----A---- C:\Windows\system32\secur32.dll
2015-10-15 14:43:52 ----A---- C:\Windows\system32\credssp.dll
2015-10-15 14:43:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 14:43:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 14:43:51 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-15 14:43:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-15 14:43:51 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-15 14:43:51 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-15 14:43:51 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-15 14:43:51 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-15 14:43:51 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 14:43:50 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-15 14:43:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-15 14:43:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-15 14:43:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-15 14:43:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 14:43:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 14:43:49 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-15 14:43:49 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 14:43:49 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 14:43:49 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-15 14:43:49 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-15 14:43:49 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-15 14:43:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-15 14:43:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-15 14:43:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-15 14:43:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 14:43:48 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-15 14:43:47 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-15 14:43:47 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-15 14:43:47 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-15 14:43:47 ----A---- C:\Windows\system32\msobjs.dll
2015-10-15 14:43:47 ----A---- C:\Windows\system32\msaudite.dll
2015-10-15 14:43:47 ----A---- C:\Windows\system32\adtschema.dll
2015-10-15 14:42:46 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 14:42:46 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 14:42:46 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 14:42:45 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 14:42:45 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 14:42:45 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 14:42:44 ----A---- C:\Windows\system32\acmigration.dll
2015-10-15 14:42:12 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-15 14:42:11 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-15 14:42:11 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-15 14:42:11 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-15 14:42:11 ----A---- C:\Windows\system32\appidapi.dll
2015-10-15 14:42:10 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-15 14:42:08 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-15 14:38:57 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 14:38:56 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 14:38:55 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 14:38:54 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 14:38:53 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-11 21:31:56 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-11 21:31:56 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-11 19:46:58 ----D---- C:\Program Files (x86)\Comodo
2015-10-11 14:54:33 ----A---- C:\Windows\system32\InkEd.dll
2015-10-11 14:54:32 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-10-11 14:54:29 ----A---- C:\Windows\system32\jnwmon.dll
2015-10-11 14:54:24 ----A---- C:\Windows\system32\schedsvc.dll
2015-10-11 14:54:11 ----A---- C:\Windows\system32\sysmain.dll
2015-10-11 14:54:10 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-10-11 14:53:32 ----A---- C:\Windows\system32\msmmsp.dll
2015-10-11 14:50:57 ----A---- C:\Windows\system32\mstscax.dll
2015-10-11 14:50:56 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-10-11 14:50:53 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-10-11 14:50:53 ----A---- C:\Windows\system32\tsgqec.dll
2015-10-11 14:50:52 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-10-11 14:50:52 ----A---- C:\Windows\system32\aaclient.dll
2015-10-11 14:47:12 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-10-11 14:47:12 ----A---- C:\Windows\system32\tzres.dll
2015-10-11 14:47:03 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-10-11 14:47:03 ----A---- C:\Windows\system32\dwmcore.dll
2015-10-11 14:47:03 ----A---- C:\Windows\system32\dwmapi.dll
2015-10-11 14:47:02 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-10-11 14:46:47 ----A---- C:\Windows\system32\basesrv.dll
2015-10-11 14:45:30 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-10-11 14:45:30 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-10-11 14:45:30 ----A---- C:\Windows\system32\WebClnt.dll
2015-10-11 14:45:30 ----A---- C:\Windows\system32\davclnt.dll
2015-10-11 14:44:49 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-10-11 14:44:49 ----A---- C:\Windows\system32\FntCache.dll
2015-10-11 14:44:49 ----A---- C:\Windows\system32\DWrite.dll
2015-10-11 14:44:43 ----A---- C:\Windows\system32\d3d10warp.dll
2015-10-11 14:44:40 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-10-11 14:44:03 ----A---- C:\Windows\system32\UtcResources.dll
2015-10-11 14:44:03 ----A---- C:\Windows\system32\diagtrack.dll
2015-10-11 14:44:01 ----A---- C:\Windows\system32\tdh.dll
2015-10-11 14:43:54 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-10-11 14:43:51 ----A---- C:\Windows\system32\advapi32.dll
2015-10-11 14:43:50 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-10-11 14:42:35 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-10-11 14:42:35 ----A---- C:\Windows\system32\notepad.exe
2015-10-11 14:42:35 ----A---- C:\Windows\notepad.exe
2015-10-11 14:42:21 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-10-11 14:42:21 ----A---- C:\Windows\system32\consent.exe
2015-10-11 14:42:21 ----A---- C:\Windows\system32\authui.dll
2015-10-11 14:42:20 ----A---- C:\Windows\system32\appinfo.dll
2015-10-11 14:41:47 ----A---- C:\Windows\system32\msxml3.dll
2015-10-11 14:41:46 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-10-11 14:41:46 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-10-11 14:41:46 ----A---- C:\Windows\system32\msxml6.dll
2015-10-11 14:41:45 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-10-11 14:41:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-10-11 14:41:45 ----A---- C:\Windows\system32\msxml6r.dll
2015-10-11 14:41:45 ----A---- C:\Windows\system32\msxml3r.dll
2015-10-11 14:39:24 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-10-11 14:39:24 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-10-11 14:39:24 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-10-11 14:39:24 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-10-11 14:39:24 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-10-11 14:39:24 ----A---- C:\Windows\system32\win32k.sys
2015-10-11 14:39:24 ----A---- C:\Windows\system32\lpk.dll
2015-10-11 14:39:24 ----A---- C:\Windows\system32\fontsub.dll
2015-10-11 14:39:24 ----A---- C:\Windows\system32\dciman32.dll
2015-10-11 14:39:24 ----A---- C:\Windows\system32\atmlib.dll
2015-10-11 14:39:24 ----A---- C:\Windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2015-11-02 14:20:45 ----RD---- C:\Program Files
2015-11-02 14:20:11 ----D---- C:\Windows\temp
2015-11-02 14:18:41 ----D---- C:\ProgramData
2015-11-02 13:47:55 ----D---- C:\Windows\system32\drivers
2015-11-02 13:47:37 ----D---- C:\Windows\system32\config
2015-11-02 13:47:37 ----D---- C:\Windows\System32
2015-11-02 13:47:37 ----D---- C:\Windows\inf
2015-11-02 13:47:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-02 13:42:54 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-02 13:41:43 ----D---- C:\Windows\system32\catroot
2015-11-02 13:40:10 ----D---- C:\Windows\system32\Tasks
2015-11-02 12:54:11 ----SHD---- C:\System Volume Information
2015-11-02 11:46:44 ----SHD---- C:\Windows\Installer
2015-11-02 11:46:43 ----D---- C:\Config.Msi
2015-11-02 11:44:41 ----D---- C:\Program Files (x86)
2015-11-02 11:25:33 ----D---- C:\Windows\Web
2015-11-02 10:15:36 ----D---- C:\Windows\Prefetch
2015-11-01 21:40:07 ----D---- C:\Program Files\Sony
2015-11-01 21:39:02 ----D---- C:\Update
2015-11-01 01:42:56 ----D---- C:\Users\Richard\AppData\Roaming\vlc
2015-10-21 14:34:54 ----D---- C:\Users\Richard\AppData\Roaming\dvdcss
2015-10-21 09:14:14 ----D---- C:\Program Files (x86)\Dropbox
2015-10-20 13:08:50 ----D---- C:\Users\Richard\AppData\Roaming\Skype
2015-10-18 14:12:47 ----D---- C:\Windows\SysWOW64
2015-10-18 14:12:15 ----RSD---- C:\Windows\assembly
2015-10-18 13:57:47 ----D---- C:\ProgramData\Sony Corporation
2015-10-18 13:57:12 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-17 23:30:11 ----D---- C:\Windows\rescache
2015-10-16 21:01:42 ----D---- C:\Windows\Panther
2015-10-16 20:51:09 ----D---- C:\Windows\Logs
2015-10-15 19:27:41 ----D---- C:\Windows\winsxs
2015-10-15 19:23:37 ----D---- C:\Program Files\Internet Explorer
2015-10-15 19:23:36 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 19:23:30 ----D---- C:\Windows\system32\en-US
2015-10-15 19:23:26 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 19:23:18 ----D---- C:\Windows\AppPatch
2015-10-15 19:23:17 ----SD---- C:\Windows\system32\CompatTel
2015-10-15 19:23:16 ----D---- C:\Windows\system32\appraiser
2015-10-15 19:23:12 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 19:23:12 ----D---- C:\Windows\system32\Boot
2015-10-15 17:19:34 ----D---- C:\ProgramData\Microsoft Help
2015-10-15 17:16:49 ----A---- C:\Windows\win.ini
2015-10-15 11:31:10 ----D---- C:\Windows\system32\catroot2
2015-10-12 08:04:21 ----D---- C:\Windows\Microsoft.NET
2015-10-12 07:19:59 ----SD---- C:\Windows\system32\GWX
2015-10-12 07:06:57 ----D---- C:\Program Files\Windows Journal
2015-10-12 07:06:53 ----D---- C:\Windows\system32\drivers\en-US
2015-10-12 07:06:53 ----D---- C:\Windows\ehome
2015-10-12 07:06:49 ----D---- C:\Windows\PolicyDefinitions
2015-10-12 07:06:33 ----D---- C:\Windows
2015-10-12 07:06:31 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-11 21:30:22 ----D---- C:\Program Files\Microsoft Silverlight
2015-10-11 21:30:22 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-10-11 14:03:25 ----D---- C:\Program Files (x86)\Opera
2015-10-11 13:55:16 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-03-04 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-11-02 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-11-02 28600]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2014-06-26 37976]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-06-05 20672]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-06-05 797256]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-06-05 45856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-06-05 104584]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-11-02 128536]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2010-06-22 94208]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2010-06-22 78848]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-01-08 12312896]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-06-25 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-05-27 2307616]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-08 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-11-02 25816]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-07-14 7821312]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-28 316464]
R3 vpcbus;Virtual PC Host Bus Service; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;USB Virtualization Connector Service; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-18 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-18 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-06-18 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-18 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-18 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-10-25 14136]
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-11-02 63704]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-09-10 22528]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-22 86120]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-11-02 35064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys []
S3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-11-02 432888]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-11-02 432888]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-11-02 182520]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-09 952096]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2015-06-29 70848]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-06-05 5541960]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [2014-04-04 138768]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-07-19 1429776]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2015-06-29 2327248]
R2 ChromodoUpdater;COMODO Chromodo Update Service; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2015-10-18 1982648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-02-23 268824]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-05-21 159336]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2014-01-22 122384]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-07-19 838928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-02-23 2320920]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-22 575856]
R3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [2015-10-18 413336]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2015-10-18 59928]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [2015-10-18 1653272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-29 134512]
S2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [2015-10-18 413336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-11 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-11-02 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-06-05 2265792]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-29 134512]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-11 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-15 114688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-07-19 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-21 108400]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
S4 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-21 67952]
S4 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-07 304496]
S4 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2014-08-04 5095264]
S4 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]

-----------------EOF-----------------

Zdravím, a pokračujem


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.