Prosím o kontrolu logu

Zpráva

Bodynek · #1 Příspěvek od **Bodynek** » 15 úno 2014 15:32

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by vaio (administrator) on VAIO-VAIO on 15-02-2014 15:26:46
Running from C:\Users\vaio\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
() C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe
(Blackmagic Design) C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Blackmagic Design\Blackmagic Media Express\MediaExpress.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\vaio\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [208384 2009-08-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Blackmagic Streaming Server] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe [1102336 2013-01-22] ()
HKLM\...\Run: [Blackmagic CheckVersion PCI] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe [34087520 2013-01-22] (Blackmagic Design)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [317288 2009-05-26] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [538472 2009-06-18] (Symantec Corporation)
HKLM-x32\...\Run: [PowerDVD12DMREngine] - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [506480 2012-12-28] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] - C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [375168 2012-12-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Blackmagic CheckVersion] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersion.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\Run: [] - [X]
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {04de4ee4-702f-11e2-9212-806e6f6e6963} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {08a7c687-0a2a-11e3-8672-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {1c648874-d5ba-11e2-933f-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {2842595a-799c-11e2-b5bf-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {4f7b37f8-96ad-11e2-8971-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {541b8764-e19f-11e2-9523-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {7e95cdfc-8241-11e2-bc7b-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {87b0eb93-6544-11e2-b8d1-002643a93d54} - H:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {87b0eb9f-6544-11e2-b8d1-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {90e3a8f9-88a0-11e2-88fc-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {94e4db88-058e-11e3-86b8-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {9c5c8453-8255-11e2-8915-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {bede6e79-8404-11e2-884a-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {c4335df2-0315-11e3-9e56-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {c8f54d68-0573-11e3-9edf-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {cdbf12b4-2cbc-11e3-97a3-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {d66e0f69-e192-11e2-b891-002643a93d54} - H:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {fcd2853b-d5b5-11e2-9ef5-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {ff2e581a-d5bb-11e2-8642-002643a93d54} - G:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=EU01
SearchScopes: HKCU - {0F9DF43B-70F8-47FD-B453-80295D1DF8AE} URL = http://services.zinio.com/search?s={sel ... sonyslices
SearchScopes: HKCU - {820BDAC4-CFC2-419A-A551-BB6E3D5F5576} URL = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
SearchScopes: HKCU - {E71FFF25-AE48-4259-9B81-22A389F87A25} URL = http://websearch.ask.com/redirect?clien ... D0B81CAE3C
SearchScopes: HKCU - {EE6E5539-2C6E-4E05-816B-FD1B4DD9EA67} URL = http://rover.ebay.com/rover/1/710-42480 ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{007175F9-4EEE-49EB-ACFF-4CA50A153CF4}: [NameServer]176.67.229.194,193.179.1.54

Chrome:
=======
CHR HomePage:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.140.8) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U14) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-28]
CHR Extension: (Vyhledávání Google) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-28]
CHR Extension: (Cut the Rope) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2013-05-18]
CHR Extension: (avast! Online Security) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-22]
CHR Extension: (Skype Click to Call) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-24]
CHR Extension: (Peněženka Google) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [91248 2012-12-28] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78960 2012-12-28] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296048 2012-12-28] (CyberLink)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-28] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-28] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642920 2009-07-23] (Sony Corporation)
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-07-23] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2011-09-09] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-09-10] (Cyberlink Corp.)
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
S3 seu4bus; C:\Windows\System32\DRIVERS\seu4bus.sys [335872 2008-06-13] (MCCI Corporation)
S3 seu4card; C:\Windows\System32\DRIVERS\seu4card.sys [394752 2008-06-13] (MCCI Corporation)
S3 seu4mdfl; C:\Windows\System32\DRIVERS\seu4mdfl.sys [19456 2008-06-13] (MCCI Corporation)
S3 seu4mdfl2; C:\Windows\System32\DRIVERS\seu4mdfl2.sys [19456 2008-06-13] (MCCI Corporation)
S3 seu4mdm; C:\Windows\System32\DRIVERS\seu4mdm.sys [439296 2008-06-13] (MCCI Corporation)
S3 seu4mdm2; C:\Windows\System32\DRIVERS\seu4mdm2.sys [490496 2008-06-13] (MCCI Corporation)
S3 seu4nd5; C:\Windows\System32\DRIVERS\seu4nd5.sys [34304 2008-06-13] (MCCI Corporation)
S3 seu4unic; C:\Windows\System32\DRIVERS\seu4unic.sys [453120 2008-06-13] (MCCI Corporation)
S3 Sony_EricssonWWSC; C:\Windows\System32\DRIVERS\seu4scard64.sys [29736 2008-06-23] (Sony Ericsson)
R3 Streaming; C:\Windows\System32\DRIVERS\BlackmagicStreaming.sys [12288 2013-01-22] (Blackmagic Design)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [130320 2012-12-28] (CyberLink Corp.)
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-15 15:26 - 2014-02-15 15:27 - 00022074 _____ () C:\Users\vaio\Desktop\FRST.txt
2014-02-15 15:25 - 2014-02-15 15:26 - 00000000 ____D () C:\FRST
2014-02-15 15:25 - 2014-02-15 15:25 - 02152960 _____ (Farbar) C:\Users\vaio\Desktop\FRST64 (1).exe
2014-02-15 15:24 - 2014-02-15 15:25 - 02152960 _____ (Farbar) C:\Users\vaio\Downloads\FRST64.exe
2014-02-13 14:17 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 14:17 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 14:16 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 14:16 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 14:16 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 14:16 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 14:16 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 14:16 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 14:16 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 14:16 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 14:16 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 14:16 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 14:16 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 14:16 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 14:16 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 14:16 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 14:16 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 14:16 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 14:15 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 14:15 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 14:15 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 14:15 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 14:15 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 14:15 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 14:15 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 14:15 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 14:15 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 14:15 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 14:15 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 14:15 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 14:15 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 14:15 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 14:15 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 14:15 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 14:15 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 14:15 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 14:15 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 14:15 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 14:15 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 14:15 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 14:15 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 13:35 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 13:35 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 13:35 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 13:35 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 13:35 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 13:35 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 13:35 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 13:35 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 13:35 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 13:35 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 13:35 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 13:35 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 13:35 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 13:35 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 13:35 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 13:35 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 13:35 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 13:35 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 13:35 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 13:35 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 13:35 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 13:35 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 13:35 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 13:35 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 13:35 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 13:35 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 13:35 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 13:35 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 13:29 - 2014-02-13 13:29 - 00000000 ____D () C:\Windows\pss
2014-02-11 13:38 - 2014-02-11 13:39 - 00000000 ____D () C:\Users\vaio\Downloads\ExtFat32_v2.00
2014-02-11 13:37 - 2014-02-11 13:37 - 00564213 _____ () C:\Users\vaio\Downloads\ExtFat32_v2.00.zip
2014-02-11 13:35 - 2014-02-11 13:36 - 02461442 _____ () C:\Users\vaio\Downloads\MyBook_98SE_Driver_1.00.01.zip
2014-02-11 13:35 - 2014-02-11 13:36 - 00000022 _____ () C:\Users\vaio\Downloads\MyBook_98SE_Driver_1.00.01 (1).zip
2014-02-11 13:28 - 2014-02-11 13:37 - 00000022 _____ () C:\Users\vaio\Downloads\WD Passport 2.5 W98 installer.zip
2014-02-10 16:20 - 2014-02-11 14:55 - 00000000 ____D () C:\Users\vaio\Documents\akce 4-5 12
2014-01-17 16:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-17 16:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-17 16:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-17 16:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-17 16:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-17 16:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-17 16:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-17 16:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-17 16:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2014-02-15 15:27 - 2014-02-15 15:26 - 00022074 _____ () C:\Users\vaio\Desktop\FRST.txt
2014-02-15 15:26 - 2014-02-15 15:25 - 00000000 ____D () C:\FRST
2014-02-15 15:25 - 2014-02-15 15:25 - 02152960 _____ (Farbar) C:\Users\vaio\Desktop\FRST64 (1).exe
2014-02-15 15:25 - 2014-02-15 15:24 - 02152960 _____ (Farbar) C:\Users\vaio\Downloads\FRST64.exe
2014-02-15 15:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-02-15 15:11 - 2013-01-28 08:12 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-15 15:06 - 2013-07-06 13:04 - 07450619 _____ () C:\Users\vaio\Documents\Untitled 02.mp4
2014-02-15 15:06 - 2013-01-23 02:21 - 01177837 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 15:04 - 2013-06-30 18:20 - 32953677 _____ () C:\Users\vaio\Documents\Untitled 01.mp4
2014-02-15 15:02 - 2009-07-14 05:45 - 00010096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-15 15:02 - 2009-07-14 05:45 - 00010096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-15 15:00 - 2013-01-22 18:19 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{78B8294A-6AE4-4AED-81E4-F80B4D6C876D}
2014-02-15 14:53 - 2013-06-10 07:54 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-02-15 14:53 - 2013-01-28 08:11 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-15 14:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 14:52 - 2009-07-14 05:51 - 00274960 _____ () C:\Windows\setupact.log
2014-02-14 16:51 - 2013-02-23 09:32 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-14 14:39 - 2013-09-22 13:34 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3316435760-3872344062-735843174-1000UA.job
2014-02-14 14:39 - 2013-09-22 13:34 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3316435760-3872344062-735843174-1000Core.job
2014-02-14 08:54 - 2013-01-25 09:40 - 00000000 ____D () C:\Users\vaio\AppData\Local\Adobe
2014-02-13 13:29 - 2014-02-13 13:29 - 00000000 ____D () C:\Windows\pss
2014-02-13 13:28 - 2013-09-23 13:34 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-13 13:28 - 2013-01-23 02:47 - 00000000 ____D () C:\ProgramData\Skype
2014-02-13 13:25 - 2013-02-01 14:26 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Skype
2014-02-13 12:54 - 2013-01-28 09:23 - 01686950 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 12:54 - 2009-08-19 00:43 - 00713152 _____ () C:\Windows\system32\perfh005.dat
2014-02-13 12:54 - 2009-08-19 00:43 - 00157630 _____ () C:\Windows\system32\perfc005.dat
2014-02-13 12:54 - 2009-07-14 06:13 - 01686950 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 15:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-11 15:02 - 2013-11-20 11:32 - 00000000 ____D () C:\Users\vaio\Desktop\konverze
2014-02-11 14:55 - 2014-02-10 16:20 - 00000000 ____D () C:\Users\vaio\Documents\akce 4-5 12
2014-02-11 14:53 - 2013-09-09 16:12 - 00000000 ____D () C:\Users\Public\Documents\101GOPRO
2014-02-11 13:51 - 2013-02-23 09:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-11 13:51 - 2013-02-23 09:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-11 13:51 - 2013-02-23 09:32 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-11 13:39 - 2014-02-11 13:38 - 00000000 ____D () C:\Users\vaio\Downloads\ExtFat32_v2.00
2014-02-11 13:37 - 2014-02-11 13:37 - 00564213 _____ () C:\Users\vaio\Downloads\ExtFat32_v2.00.zip
2014-02-11 13:37 - 2014-02-11 13:28 - 00000022 _____ () C:\Users\vaio\Downloads\WD Passport 2.5 W98 installer.zip
2014-02-11 13:36 - 2014-02-11 13:35 - 02461442 _____ () C:\Users\vaio\Downloads\MyBook_98SE_Driver_1.00.01.zip
2014-02-11 13:36 - 2014-02-11 13:35 - 00000022 _____ () C:\Users\vaio\Downloads\MyBook_98SE_Driver_1.00.01 (1).zip
2014-02-11 13:22 - 2013-12-15 17:16 - 00339968 _____ (Western Digital Technologies, Inc.) C:\Windows\SysWOW64\WDBtnMgr.exe
2014-02-11 13:18 - 2013-02-12 13:47 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-02-11 12:44 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-07 16:32 - 2014-01-07 15:42 - 00008311 _____ () C:\Users\vaio\Documents\Tab 1.xlsx
2014-02-06 13:16 - 2014-02-13 14:15 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 14:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 14:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 14:15 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 14:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 14:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 14:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 14:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 14:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 14:16 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 14:15 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 14:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 14:15 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 14:16 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 14:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 14:16 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 14:15 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 14:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 14:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 14:16 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:57 - 2014-02-13 14:15 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:52 - 2014-02-13 14:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 14:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 14:15 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 14:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 14:16 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 14:15 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 14:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:25 - 2014-02-13 14:15 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:24 - 2014-02-13 14:15 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 14:15 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 14:16 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 14:15 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 14:15 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 14:15 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 14:15 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 14:15 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 14:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 14:15 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-20 12:50 - 2009-07-14 05:45 - 05193120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-20 12:43 - 2013-05-30 14:39 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\vlc
2014-01-20 12:32 - 2013-01-23 02:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-19 08:33 - 2013-01-23 15:46 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 16:43 - 2013-08-15 08:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-17 16:39 - 2013-01-28 07:44 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\vaio\AppData\Local\Temp\AAMHelper.exe
C:\Users\vaio\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\vaio\AppData\Local\Temp\APNStub.exe
C:\Users\vaio\AppData\Local\Temp\COMAP.EXE
C:\Users\vaio\AppData\Local\Temp\DiskMax64.exe
C:\Users\vaio\AppData\Local\Temp\FW_screensaver.exe
C:\Users\vaio\AppData\Local\Temp\Hammer0.exe
C:\Users\vaio\AppData\Local\Temp\InstHelper.exe
C:\Users\vaio\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\vaio\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\vaio\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\vaio\AppData\Local\Temp\oi_{C04A7B51-F1F4-4659-B178-791B93CD911D}.exe
C:\Users\vaio\AppData\Local\Temp\setup.exe
C:\Users\vaio\AppData\Local\Temp\setup32.exe
C:\Users\vaio\AppData\Local\Temp\setup64.exe
C:\Users\vaio\AppData\Local\Temp\SkypeSetup.exe
C:\Users\vaio\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\vaio\AppData\Local\Temp\Uninstaller.exe
C:\Users\vaio\AppData\Local\Temp\Update.exe
C:\Users\vaio\AppData\Local\Temp\_is3BC8.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-06-03 11:50

==================== End Of Log ============================

#2 Příspěvek od **Rudy** » 16 úno 2014 17:54

Zdravím!

Otevřte poznámkový blok a zkopírujte do něj:

Start
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\Run: [] - [X]
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {04de4ee4-702f-11e2-9212-806e6f6e6963} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {08a7c687-0a2a-11e3-8672-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {1c648874-d5ba-11e2-933f-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {2842595a-799c-11e2-b5bf-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {4f7b37f8-96ad-11e2-8971-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {541b8764-e19f-11e2-9523-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {7e95cdfc-8241-11e2-bc7b-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {87b0eb93-6544-11e2-b8d1-002643a93d54} - H:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {87b0eb9f-6544-11e2-b8d1-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {90e3a8f9-88a0-11e2-88fc-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {94e4db88-058e-11e3-86b8-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {9c5c8453-8255-11e2-8915-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {bede6e79-8404-11e2-884a-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {c4335df2-0315-11e3-9e56-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {c8f54d68-0573-11e3-9edf-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {cdbf12b4-2cbc-11e3-97a3-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {d66e0f69-e192-11e2-b891-002643a93d54} - H:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {fcd2853b-d5b5-11e2-9ef5-002643a93d54} - G:\Autorun.exe
HKU\S-1-5-21-3316435760-3872344062-735843174-1000\...\MountPoints2: {ff2e581a-d5bb-11e2-8642-002643a93d54} - G:\Autorun.exe
earchScopes: HKCU - {0F9DF43B-70F8-47FD-B453-80295D1DF8AE} URL = http://services.zinio.com/search?s={sel ... sonyslices
SearchScopes: HKCU - {E71FFF25-AE48-4259-9B81-22A389F87A25} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=FC722363-5380-4C7E-B491-C0DD91412471&apn_sauid=56846D5B-977D-41CC-B32B-ADD0B81CAE3C
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Users\vaio\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu