Haved v PC.

[andrejj]

uz som to skopiroval spravne.

ComboFix 13-04-17.01 - Andrej . 04. 2013 15:38:34.2.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.2047.1110 [GMT 2:00]
Running from: c:\users\Andrej\Desktop\ComboFix.exe
Command switches used :: c:\users\Andrej\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-57048970-2663454264-3034485676-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-57048970-2663454264-3034485676-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Hotspot Shield
c:\program files (x86)\Hotspot Shield\bin\af_proxy.dll
c:\program files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe
c:\program files (x86)\Hotspot Shield\bin\cfghlp.dll
c:\program files (x86)\Hotspot Shield\bin\cpau.dll
c:\program files (x86)\Hotspot Shield\bin\FBW.exe
c:\program files (x86)\Hotspot Shield\bin\FBWMgr.exe
c:\program files (x86)\Hotspot Shield\bin\ffinst.exe
c:\program files (x86)\Hotspot Shield\bin\hssfixme.exe
c:\program files (x86)\Hotspot Shield\bin\hssinst.dll
c:\program files (x86)\Hotspot Shield\bin\HssInstaller.exe
c:\program files (x86)\Hotspot Shield\bin\HssInstaller64.exe
c:\program files (x86)\Hotspot Shield\bin\HSSTrayService.exe
c:\program files (x86)\Hotspot Shield\bin\hsswd.exe
c:\program files (x86)\Hotspot Shield\bin\lang\gui-ara.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-bur.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-eng.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-fre.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-ger.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-chi.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-jpn.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-per.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-rus.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-spa.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-tur.dll
c:\program files (x86)\Hotspot Shield\bin\lang\gui-vie.dll
c:\program files (x86)\Hotspot Shield\bin\libeay32.dll
c:\program files (x86)\Hotspot Shield\bin\libpkcs11-helper-1.dll
c:\program files (x86)\Hotspot Shield\bin\libssl32.dll
c:\program files (x86)\Hotspot Shield\bin\NetworkRep.dll
c:\program files (x86)\Hotspot Shield\bin\openvpn.exe
c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe
c:\program files (x86)\Hotspot Shield\bin\openvpntray.exe
c:\program files (x86)\Hotspot Shield\bin\tapinstall.exe
c:\program files (x86)\Hotspot Shield\bin\vistahlp.dll
c:\program files (x86)\Hotspot Shield\bin\wddll.dll
c:\program files (x86)\Hotspot Shield\bin\zlib1.dll
c:\program files (x86)\Hotspot Shield\config\config.hvpn
c:\program files (x86)\Hotspot Shield\config\hss_data\00f0e347ddc91c7073b200812ac55e22
c:\program files (x86)\Hotspot Shield\config\hss_data\08992b06b3293e13e4d5f53f6e067d2c
c:\program files (x86)\Hotspot Shield\config\hss_data\1d69ef28104409d2c1aa05fd5263544b
c:\program files (x86)\Hotspot Shield\config\hss_data\2fec6e628a4ee57f125b1c87a354c42a
c:\program files (x86)\Hotspot Shield\config\hss_data\32ff50b259fdb532aba3bfd4fc9c19f0
c:\program files (x86)\Hotspot Shield\config\hss_data\5406084c3c923ce2680bd4748190cf40
c:\program files (x86)\Hotspot Shield\config\hss_data\59b38185f045fa2903cc032fcc2a2846
c:\program files (x86)\Hotspot Shield\config\hss_data\5d96080e62e2f6aa3f301cb94d5f30d0
c:\program files (x86)\Hotspot Shield\config\hss_data\64735a456ebed180d8c50ca48e9c0398
c:\program files (x86)\Hotspot Shield\config\hss_data\8656bc2e83f419aef98316770b6540cd
c:\program files (x86)\Hotspot Shield\config\hss_data\86946fd54bc6bdfc0022fa6e9c4ebfe3
c:\program files (x86)\Hotspot Shield\config\hss_data\8a25bbd5affbb3ae75f6fb82c390dcee
c:\program files (x86)\Hotspot Shield\config\hss_data\8a960e9fe506c22c9d02c52b5fee5c0a
c:\program files (x86)\Hotspot Shield\config\hss_data\a56d666e246c6ebf4364757c1748e59f
c:\program files (x86)\Hotspot Shield\config\hss_data\b0b81b0d25d24bfc152d89daf297918a
c:\program files (x86)\Hotspot Shield\config\hss_data\bb3dbc851f22daeee9284269aa835db5
c:\program files (x86)\Hotspot Shield\config\hss_data\bbcc7b91a52816a7b60d5c21a379f57e
c:\program files (x86)\Hotspot Shield\config\hss_data\c238afdc1b457c4e55fb8be6ec521074
c:\program files (x86)\Hotspot Shield\config\hss_data\d19ddb95ec9640b0e0b21a6ef33be077
c:\program files (x86)\Hotspot Shield\config\hss_data\d4218dfa2777e1d8452dcb7c82c5e24f
c:\program files (x86)\Hotspot Shield\config\hss_data\f1075ba7d8a7dbdb33eb05a925bb0dea
c:\program files (x86)\Hotspot Shield\config\hss_data\sess_unified
c:\program files (x86)\Hotspot Shield\config\hss_data\stats
c:\program files (x86)\Hotspot Shield\config\hss_data\wrurl
c:\program files (x86)\Hotspot Shield\config\hsscon.cfg
c:\program files (x86)\Hotspot Shield\config\hssst.cfg
c:\program files (x86)\Hotspot Shield\config\hssst.cfg.bak
c:\program files (x86)\Hotspot Shield\config\icooff.cfg
c:\program files (x86)\Hotspot Shield\config\proxy.hvpn
c:\program files (x86)\Hotspot Shield\config\sd-info-direct.cfg
c:\program files (x86)\Hotspot Shield\config\sd-info-main.cfg
c:\program files (x86)\Hotspot Shield\config\sd-info-saved.cfg
c:\program files (x86)\Hotspot Shield\config\sdcon.cfg
c:\program files (x86)\Hotspot Shield\config\upd_dat.cfg
c:\program files (x86)\Hotspot Shield\config\update.cfg
c:\program files (x86)\Hotspot Shield\config\update_info.cfg
c:\program files (x86)\Hotspot Shield\driver\taphss6.cat
c:\program files (x86)\Hotspot Shield\driver\taphss6.inf
c:\program files (x86)\Hotspot Shield\driver\taphss6.sys
c:\program files (x86)\Hotspot Shield\hss.ico
c:\program files (x86)\Hotspot Shield\HssFF\config_ff.txt
c:\program files (x86)\Hotspot Shield\HssFF\config_ff_srch.txt
c:\program files (x86)\Hotspot Shield\HssIE\config.txt
c:\program files (x86)\Hotspot Shield\HssIE\config_srch.txt
c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll
c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
c:\program files (x86)\Hotspot Shield\hsswd\default\default.cfg
c:\program files (x86)\Hotspot Shield\HssWPR\hssdrv6.cat
c:\program files (x86)\Hotspot Shield\HssWPR\hssdrv6.sys
c:\program files (x86)\Hotspot Shield\HssWPR\hssinst.dll
c:\program files (x86)\Hotspot Shield\HssWPR\HssInstaller64.exe
c:\program files (x86)\Hotspot Shield\HssWPR\HssSrv.exe
c:\program files (x86)\Hotspot Shield\HssWPR\nethss6.inf
c:\program files (x86)\Hotspot Shield\HssWPR\wpr.conf
c:\program files (x86)\Hotspot Shield\htdocs\bg_btn_sing.png
c:\program files (x86)\Hotspot Shield\htdocs\blank.html
c:\program files (x86)\Hotspot Shield\htdocs\btn_blue_bg.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_buy.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_close.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_close_20.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_green_bg.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_green_big_bg.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_help.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_info.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_red_bg.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_select.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_settings.png
c:\program files (x86)\Hotspot Shield\htdocs\btn_share.png
c:\program files (x86)\Hotspot Shield\htdocs\common.css
c:\program files (x86)\Hotspot Shield\htdocs\common.js
c:\program files (x86)\Hotspot Shield\htdocs\connected.png
c:\program files (x86)\Hotspot Shield\htdocs\connected12.bmp
c:\program files (x86)\Hotspot Shield\htdocs\connected12.png
c:\program files (x86)\Hotspot Shield\htdocs\connected16.bmp
c:\program files (x86)\Hotspot Shield\htdocs\connected16.png
c:\program files (x86)\Hotspot Shield\htdocs\connected20.bmp
c:\program files (x86)\Hotspot Shield\htdocs\connected20.png
c:\program files (x86)\Hotspot Shield\htdocs\connected24.bmp
c:\program files (x86)\Hotspot Shield\htdocs\connected24.png
c:\program files (x86)\Hotspot Shield\htdocs\connecting.png
c:\program files (x86)\Hotspot Shield\htdocs\connecting12.bmp
c:\program files (x86)\Hotspot Shield\htdocs\connecting12.png
c:\program files (x86)\Hotspot Shield\htdocs\connecting16.bmp
c:\program files (x86)\Hotspot Shield\htdocs\connecting16.png
c:\program files (x86)\Hotspot Shield\htdocs\connecting20.bmp
c:\program files (x86)\Hotspot Shield\htdocs\connecting20.png
c:\program files (x86)\Hotspot Shield\htdocs\connecting24.bmp
c:\program files (x86)\Hotspot Shield\htdocs\connecting24.png
c:\program files (x86)\Hotspot Shield\htdocs\disconnected12.bmp
c:\program files (x86)\Hotspot Shield\htdocs\disconnected12.png
c:\program files (x86)\Hotspot Shield\htdocs\disconnected16.bmp
c:\program files (x86)\Hotspot Shield\htdocs\disconnected16.png
c:\program files (x86)\Hotspot Shield\htdocs\disconnected20.bmp
c:\program files (x86)\Hotspot Shield\htdocs\disconnected20.png
c:\program files (x86)\Hotspot Shield\htdocs\disconnected24.bmp
c:\program files (x86)\Hotspot Shield\htdocs\disconnected24.png
c:\program files (x86)\Hotspot Shield\htdocs\elite_box.png
c:\program files (x86)\Hotspot Shield\htdocs\elite_ex.gif
c:\program files (x86)\Hotspot Shield\htdocs\elite_text.png
c:\program files (x86)\Hotspot Shield\htdocs\error.html
c:\program files (x86)\Hotspot Shield\htdocs\faq.html
c:\program files (x86)\Hotspot Shield\htdocs\first_prompt.html
c:\program files (x86)\Hotspot Shield\htdocs\green_btn_point.png
c:\program files (x86)\Hotspot Shield\htdocs\green_btn_point_big.png
c:\program files (x86)\Hotspot Shield\htdocs\green_shield_tool.png
c:\program files (x86)\Hotspot Shield\htdocs\green_tape_new.png
c:\program files (x86)\Hotspot Shield\htdocs\greenico.png
c:\program files (x86)\Hotspot Shield\htdocs\hover.html
c:\program files (x86)\Hotspot Shield\htdocs\chbox_off.png
c:\program files (x86)\Hotspot Shield\htdocs\chbox_on.png
c:\program files (x86)\Hotspot Shield\htdocs\ico_attention.png
c:\program files (x86)\Hotspot Shield\htdocs\ico_clock.png
c:\program files (x86)\Hotspot Shield\htdocs\ico_ok.png
c:\program files (x86)\Hotspot Shield\htdocs\lang.js
c:\program files (x86)\Hotspot Shield\htdocs\logo.png
c:\program files (x86)\Hotspot Shield\htdocs\logo_.png
c:\program files (x86)\Hotspot Shield\htdocs\logo_elite.png
c:\program files (x86)\Hotspot Shield\htdocs\logo2.png
c:\program files (x86)\Hotspot Shield\htdocs\mail.html
c:\program files (x86)\Hotspot Shield\htdocs\main_bg.png
c:\program files (x86)\Hotspot Shield\htdocs\menu.html
c:\program files (x86)\Hotspot Shield\htdocs\message.html
c:\program files (x86)\Hotspot Shield\htdocs\oac.html
c:\program files (x86)\Hotspot Shield\htdocs\preuninstall.html
c:\program files (x86)\Hotspot Shield\htdocs\progress.gif
c:\program files (x86)\Hotspot Shield\htdocs\prompt.html
c:\program files (x86)\Hotspot Shield\htdocs\radio_off.png
c:\program files (x86)\Hotspot Shield\htdocs\radio_on.png
c:\program files (x86)\Hotspot Shield\htdocs\red_btn_point.png
c:\program files (x86)\Hotspot Shield\htdocs\red_shield_tool.png
c:\program files (x86)\Hotspot Shield\htdocs\red_tape_new.png
c:\program files (x86)\Hotspot Shield\htdocs\redico.png
c:\program files (x86)\Hotspot Shield\htdocs\s_checkbox.png
c:\program files (x86)\Hotspot Shield\htdocs\settings_tape.png
c:\program files (x86)\Hotspot Shield\htdocs\t.gif
c:\program files (x86)\Hotspot Shield\htdocs\t.png
c:\program files (x86)\Hotspot Shield\htdocs\t_in.gif
c:\program files (x86)\Hotspot Shield\htdocs\t_out.gif
c:\program files (x86)\Hotspot Shield\htdocs\tooltip.html
c:\program files (x86)\Hotspot Shield\htdocs\tooltip_bg.png
c:\program files (x86)\Hotspot Shield\htdocs\up_hss_logo.png
c:\program files (x86)\Hotspot Shield\htdocs\update.gif
c:\program files (x86)\Hotspot Shield\htdocs\updatestatus.html
c:\program files (x86)\Hotspot Shield\htdocs\yellow_shield_tool.png
c:\program files (x86)\Hotspot Shield\htdocs\yellow_tape_new.png
c:\program files (x86)\Hotspot Shield\htdocs\yelred_tape_new.png
c:\program files (x86)\Hotspot Shield\license.txt
c:\program files (x86)\Hotspot Shield\log\config.log
c:\program files (x86)\Hotspot Shield\log\oas.log
c:\program files (x86)\Hotspot Shield\Uninstall.exe
c:\program files (x86)\Hotspot Shield\update\hss-update.upd
c:\programdata\Hotspot Shield
c:\programdata\Hotspot Shield\config\defprxy.cfg
c:\programdata\Hotspot Shield\config\fbw-info-direct.cfg
c:\programdata\Hotspot Shield\config\firstrun_update.rpt
c:\programdata\Hotspot Shield\config\hsspx\hsspx.cfg
c:\programdata\Hotspot Shield\config\hsspx\proxy.pac
c:\programdata\Hotspot Shield\config\hssstate.cfg
c:\programdata\Hotspot Shield\config\hsswd\config\saved_ai.cfg
c:\programdata\Hotspot Shield\config\hsswd\hsswd.cfg
c:\programdata\Hotspot Shield\config\startup.cfg
c:\programdata\Hotspot Shield\config\wlnet.cfg
c:\programdata\Hotspot Shield\config\wlnet_st.cfg
c:\programdata\Hotspot Shield\na\na_stats1365702641.log
c:\programdata\Hotspot Shield\na\na_stats1365711880.log
c:\programdata\Hotspot Shield\na\na_stats1365786406.log
c:\programdata\Hotspot Shield\na\na_stats1365786439.log
c:\programdata\Hotspot Shield\na\na_stats1365791257.log
c:\programdata\Hotspot Shield\na\na_stats1365947528.log
c:\users\Andrej\AppData\Roaming\Hotspot Shield
c:\users\Andrej\AppData\Roaming\Hotspot Shield\report\af_proxy.dll
c:\users\Andrej\AppData\Roaming\Hotspot Shield\report\af_proxy_cmd.exe
c:\users\Andrej\AppData\Roaming\Hotspot Shield\report\zlib1.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hshld
-------\Service_HssSrv
-------\Service_HssTrayService
-------\Service_HssWd
-------\Service_hshld
-------\Service_HssSrv
-------\Service_HssTrayService
-------\Service_HssWd
.
.
((((((((((((((((((((((((( Files Created from 2013-03-17 to 2013-04-17 )))))))))))))))))))))))))))))))
.
.
2013-04-17 13:47 . 2013-04-17 13:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-17 13:47 . 2013-04-17 13:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-17 13:47 . 2013-04-17 13:47 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-04-17 00:48 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{64E4FDB4-71FE-419B-A4D7-7F3D79F901F5}\mpengine.dll
2013-04-14 14:14 . 2013-04-14 14:15 98 ----a-w- c:\windows\DeleteOnReboot.bat
2013-04-11 20:27 . 2013-04-11 20:27 -------- d-----w- c:\users\fbwuser
2013-04-11 19:46 . 2013-04-11 19:47 -------- d-----w- c:\program files (x86)\trend micro
2013-04-11 19:46 . 2013-04-11 19:47 -------- d-----w- C:\rsit
2013-04-11 18:26 . 2013-04-11 18:26 -------- d-----w- c:\users\Andrej\AppData\Roaming\TeamViewer
2013-04-11 17:16 . 2013-04-17 11:21 -------- d-----w- c:\users\Andrej\AppData\Roaming\uTorrent
2013-04-11 16:57 . 2013-04-11 16:58 -------- d-----w- c:\windows\SysWow64\jmdp
2013-04-11 16:57 . 2013-04-11 16:57 -------- d-----w- c:\windows\SysWow64\ARFC
2013-04-11 16:57 . 2013-02-27 11:24 1273648 ----a-w- c:\windows\system32\dmwu.exe
2013-04-11 16:57 . 2013-02-27 11:23 35328 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-04-11 16:57 . 2011-06-10 23:15 829264 ----a-w- c:\windows\system32\msvcr100.dll
2013-04-11 16:57 . 2011-06-10 23:15 608080 ----a-w- c:\windows\system32\msvcp100.dll
2013-04-11 01:03 . 2013-02-22 06:29 10925568 ----a-w- c:\windows\system32\ieframe.dll
2013-04-09 13:34 . 2013-04-09 13:34 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-08 20:05 . 2013-04-10 15:30 -------- d-----w- c:\users\Andrej\AppData\Roaming\vlc
2013-04-08 20:04 . 2013-04-08 20:04 -------- d-----w- c:\program files (x86)\VideoLAN
2013-04-03 00:54 . 2013-04-03 00:54 46280 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-03-26 06:52 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-11 01:07 . 2012-07-07 07:16 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-13 00:45 . 2012-07-07 06:53 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 00:45 . 2012-07-07 06:53 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-11 23:10 . 2012-07-07 06:39 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-03-06 23:33 . 2013-03-15 02:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-15 02:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2012-07-08 05:47 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-07-08 05:47 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-07-08 05:46 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-07-07 06:52 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2013-03-15 02:33 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-03-06 23:33 . 2012-07-08 05:47 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2012-07-08 05:46 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2012-07-08 05:46 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-07-07 06:52 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-25 22:32 . 2013-02-25 22:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-25 22:32 . 2012-10-10 20:22 2505144 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-25 22:32 . 2012-10-10 20:22 15129960 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-25 22:32 . 2013-02-25 22:32 6262608 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-25 22:32 . 2012-10-10 20:23 2826040 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-25 22:32 . 2013-02-25 22:32 18055184 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-25 22:32 . 2012-02-09 20:43 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 2720544 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 26929440 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-25 22:32 . 2013-02-25 22:32 7932256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-25 22:32 . 2013-02-25 22:32 2346784 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 11036448 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 2904352 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 20449056 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-25 22:32 . 2012-10-10 20:23 15053264 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-25 22:32 . 2013-02-25 22:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-25 22:32 . 2013-02-25 22:32 7564040 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-25 22:32 . 2013-02-25 22:32 1985824 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 12641992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-25 22:32 . 2013-02-25 22:32 9390760 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-22 01:53 . 2013-02-22 01:53 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-02-12 05:45 . 2013-03-14 05:44 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-14 05:44 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-14 05:44 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 05:45 . 2013-03-14 05:44 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 04:48 . 2013-03-14 05:44 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-14 05:44 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-18 15:00 . 2012-07-08 10:17 3460896 ----a-w- c:\windows\system32\nvsvc64.dll
2013-01-18 15:00 . 2012-07-08 10:17 6390048 ----a-w- c:\windows\system32\nvcpl.dll
2013-01-18 15:00 . 2012-11-18 14:04 2558240 ----a-w- c:\windows\system32\nvsvcr.dll
2013-01-18 15:00 . 2012-07-08 10:17 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-01-18 15:00 . 2012-07-08 10:17 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-01-18 15:00 . 2012-07-08 10:17 118560 ----a-w- c:\windows\system32\nvmctray.dll
2013-01-18 06:15 . 2013-01-18 06:15 550176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2012-07-08 36864]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2012-07-08 1310720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 aswVmm;aswVmm; [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-09-22 14448]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-08 1255736]
S0 aswRvrt;aswRvrt; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-08 283200]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2013-04-03 46280]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-19 3289208]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2013-02-22 42184]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 00:45]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-01 22:18]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-01 22:18]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57048970-2663454264-3034485676-1000Core.job
- c:\users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17 08:02]
.
2013-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57048970-2663454264-3034485676-1000UA.job
- c:\users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17 08:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\g03iqxe0.default\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-HotspotShield - c:\program files (x86)\Hotspot Shield\Uninstall.exe
AddRemove-SweetIM Bundle by SweetPacks - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2013-04-17 15:55:06 - machine was rebooted
ComboFix-quarantined-files.txt 2013-04-17 13:55
ComboFix2.txt 2013-04-16 21:33
.
Pre-Run: 64 399 097 856 bytes free
Post-Run: 63 912 632 320 bytes free
.
- - End Of File - - 09A3894C4E11CB39BB635960939C8306

[vyosek]

No vidite, takze chyba byla preci jen ve vasem kopirovani nazvu skriptu

Jak se chova PC nyni?

[andrejj]

Chcem sa Vam podakovat za cas a trpezlivost do dnes to islo v pohode no prave mi opat naskocila miesto google chrom
toto ( http://home.sweetim.com/?barid={34A21A5 ... 0000&st=23 )

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[andrejj]

toto by malo byt ono
# AdwCleaner v2.202 - Log vytvorený 24/04/2013 o 18:13:48
# Aktualizované 23/04/2013 Xplode
# Operaený systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživateľ : Andrej - ANDREJ-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\Andrej\Desktop\adwcleaner.exe
# Voľba [Prehľada?]


***** [Služby] *****


***** [Súbory / Adresáre] *****


***** [Registre] *****


***** [Internetové prehliadaee] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registre sú eisté.

-\\ Mozilla Firefox v12.0 (sk)

Súbor : C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\g03iqxe0.default\prefs.js

[OK] Súbor je eistý.

-\\ Google Chrome v26.0.1410.64

Súbor : C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nájdené [l.2453] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?barid={34A21A52-A2C8-11E2-B9FE-001BFCF57866}&crg=3.1010000&st=23" ]

-\\ Opera v12.15.1748.0

Súbor : C:\Users\Andrej\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Súbor je eistý.

*************************

AdwCleaner[R1].txt - [4382 octets] - [11/04/2013 22:32:32]
AdwCleaner[R2].txt - [4442 octets] - [14/04/2013 16:11:36]
AdwCleaner[R3].txt - [1311 octets] - [14/04/2013 17:01:53]
AdwCleaner[R4].txt - [1494 octets] - [17/04/2013 00:01:38]
AdwCleaner[R5].txt - [1315 octets] - [24/04/2013 18:13:48]
AdwCleaner[S1].txt - [4533 octets] - [14/04/2013 16:13:37]
AdwCleaner[S2].txt - [328 octets] - [17/04/2013 00:02:02]
AdwCleaner[S3].txt - [328 octets] - [17/04/2013 00:02:20]
AdwCleaner[S4].txt - [328 octets] - [17/04/2013 00:04:39]
AdwCleaner[S5].txt - [1705 octets] - [17/04/2013 00:05:07]

########## EOF - C:\AdwCleaner[R5].txt - [1672 octets] ##########

[vyosek]

Tak jeste uklidime

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Dejte novy log z RSIT