otazka na virut

[ringov]

Dobry den prajem,chcel by som sa opytat na virut,či ho zachyti antivirus a ako sa da odstranit.

[motji]

Dobrý den ,
virut anitivirus může zachytit, ale většinou pozdě. Máte podezdření na viruta?

Virut je potvůrka napadající všechny spustitelné soubory, exe, scr, htm...a systémové soubory. Připojuje se k IRC siti.Je možné ho na dálku ovládat.Virus hledá spustitelné soubory exe,src.Spustitelné soubory virus infikuje připojením svého kódu k poslední sekci. Hostitelský soubor modifikuje tak, ze před během původního kódu se spustí virus.Dokáže se aktualizovat anebo spustit libovolný soubor.

Léčení je zdlouhavé a málokdy uspěšné. Záleží jak moc je postižený pc napaden. Je důležité jej okamžitě odpojit od sítě, aby nenakazil ostatní pc, nepoužívat flešky, aby se infekce nepřenesla na jiný pc.

[ringov]

Mam Comodo Internet security,zapnute Autosandbox a Hips uzivatelsky rezim ,je to dostačujuca ochrana?Ako sa prejavuje sa virut?dakujem

[motji]

Proč máte podedzření na viruta? Stahoval jste snad nějaký neznámý soubor?

[ringov]

Nie nemam podozrenie,len keby bol aby som vedel ,ale asi by bolo najlepšie preinštalovat keby bol dam pre istotu log -----Logfile of random's system information tool 1.09 (written by random/random)
Run by marek at 2013-11-30 16:10:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 401 GB (42%) free of 946 GB
Total RAM: 8149 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:10:08, on 30. 11. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\marek.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE10ENUS/MSE_WCP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 4738 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9d752337-c137-465f-8b56-8d252c785f46 -SystemEventPortName:HostProcess-3202c3de-93a2-4218-bb76-f8f9df1fdae7 -IoCancelEventPortName:HostProcess-f022567e-35e0-4911-9ad8-a5c2d56d353a -NonStateChangingEventPortName:HostProcess-cc4ed6c7-20eb-4828-9955-f52bdb64f631 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:758b7c44-4cc0-4333-a8e9-d116e5bcab18 -DeviceGroupId:WpdFsGroup
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2180.0.2098410380\639816187" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,21,24,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0f00 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3182 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="2180.1.1422400330\1272835068" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2180.2.1690771135\639369173" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2180.3.1460641357\744643255" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2180.4.666264311\645636260" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group3 pct:10b stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2180.10.141250567\1030985063" /prefetch:673131151
taskeng.exe {DAF9ACC9-6895-467E-8850-57585DCB3DDC}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Moje Subory\Cleanery\RSITx64.exe"
taskeng.exe {D4C97AE8-F473-45A0-A482-B8B69F463FD2}
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-11-11 1612504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ashampoo HDD-Control 2 Guard]
C:\Moje Subory\Programy\Ashampoo\Ashampoo HDD Control\Ashampoo HDD Control 2\AHDDC2_Guard.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Moje Subory\Programy\DaemonTools\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent]
C:\Moje Subory\Programy\DaemonTools\DAEMON Tools Ultra\DTAgent.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DefragTaskBar]
C:\Moje Subory\Programy\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Program Files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe /command:faststart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-11-08 6604568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-11-30 16:10:01 ----D---- C:\rsit
2013-11-30 15:47:25 ----SHD---- C:\$RECYCLE.BIN
2013-11-30 15:47:23 ----D---- C:\Windows\temp
2013-11-30 14:15:26 ----SHD---- C:\ProgramData\SecuROM
2013-11-29 16:40:22 ----D---- C:\Users\marek\AppData\Roaming\Maxthon3
2013-11-29 04:37:30 ----D---- C:\VTRoot
2013-11-29 04:37:29 ----A---- C:\Windows\system32\drivers\fvstore.dat
2013-11-28 06:29:27 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-11-28 06:24:13 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvopencl.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvoglv64.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvinitx.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\NvIFR64.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\NvFBC64.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvdispgenco6433182.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvdispco6433182.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvcuvid.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvcuda.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\nvcompiler.dll
2013-11-28 06:24:13 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-11-27 21:29:35 ----D---- C:\ProgramData\Oracle
2013-11-27 21:28:36 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-11-27 21:28:28 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-11-27 21:28:28 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-11-27 21:28:28 ----A---- C:\Windows\SYSWOW64\java.exe
2013-11-27 21:21:52 ----D---- C:\ProgramData\SystemRequirementsLab
2013-11-27 21:21:52 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2013-11-26 18:06:11 ----D---- C:\ProgramData\McAfee
2013-11-25 22:23:47 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-25 22:20:54 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-25 22:20:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-25 22:20:48 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-25 22:20:48 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-25 22:20:48 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-25 22:20:48 ----A---- C:\Windows\system32\elshyph.dll
2013-11-25 22:20:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-25 22:20:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-25 22:20:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-25 22:20:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-25 22:20:47 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-25 22:20:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-25 22:20:46 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-25 22:20:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-25 22:20:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-25 22:20:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-25 22:20:45 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-25 22:20:44 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-25 22:20:44 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-25 22:20:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-25 22:20:44 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-11-25 22:20:44 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-25 22:20:43 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-25 22:20:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-25 22:20:43 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-25 22:20:43 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-25 22:20:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-25 22:20:43 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-25 22:20:42 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-25 22:20:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-25 22:20:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-25 22:20:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-25 22:20:41 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-25 22:20:41 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-25 22:20:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-25 22:20:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-25 22:20:40 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-25 22:20:40 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-25 22:20:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-25 22:20:40 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-25 22:20:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-25 22:20:39 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-25 22:20:39 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-25 22:20:39 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-25 22:20:39 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-25 22:20:38 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-25 22:20:38 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-25 22:20:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-11-25 22:20:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-25 22:20:37 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\wininet.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\urlmon.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-25 22:20:33 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-25 22:20:33 ----A---- C:\Windows\system32\msrating.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\msls31.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-25 22:20:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\jscript9diag.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\jscript9.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\ieui.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\iertutil.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\ieframe.dll
2013-11-25 22:20:33 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\wextract.exe
2013-11-25 22:20:32 ----A---- C:\Windows\system32\webcheck.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\vbscript.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\url.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\occache.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\mshtml.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\mshta.exe
2013-11-25 22:20:32 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\jscript.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\inseng.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\imgutil.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\iexpress.exe
2013-11-25 22:20:32 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-25 22:20:32 ----A---- C:\Windows\system32\iesetup.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\iernonce.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\iepeers.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-11-25 22:20:32 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\ieapfltr.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-25 22:20:32 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-25 22:20:32 ----A---- C:\Windows\system32\icardie.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-25 22:20:32 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-25 21:56:41 ----D---- C:\ProgramData\TuneUp Software
2013-11-25 15:23:46 ----D---- C:\ProgramData\Malwarebytes
2013-11-24 22:34:39 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2013-11-16 17:31:08 ----D---- C:\ProgramData\Electronic Arts
2013-11-16 17:02:19 ----D---- C:\Users\marek\AppData\Roaming\DAEMON Tools Ult
2013-11-16 17:02:19 ----D---- C:\ProgramData\DAEMON Tools Ult
2013-11-16 06:08:33 ----D---- C:\Program Files\AdTrustMedia
2013-11-16 06:07:42 ----D---- C:\ProgramData\Comodo Downloader
2013-11-14 21:54:44 ----A---- C:\Windows\AvastEmUpdate.ini
2013-11-13 07:13:56 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 07:13:55 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-13 07:13:43 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-13 07:13:41 ----A---- C:\Windows\system32\authui.dll
2013-11-13 07:13:40 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-13 07:13:40 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-13 07:13:40 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-13 07:13:40 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 07:13:40 ----A---- C:\Windows\system32\credui.dll
2013-11-13 07:13:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-13 07:13:33 ----A---- C:\Windows\system32\schannel.dll
2013-11-13 07:13:33 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-13 07:13:33 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-13 07:13:33 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-13 07:13:33 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-13 07:13:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-13 07:13:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-13 07:13:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-13 07:13:32 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-13 07:13:32 ----A---- C:\Windows\system32\sspicli.dll
2013-11-13 07:13:32 ----A---- C:\Windows\system32\secur32.dll
2013-11-13 07:13:32 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-13 07:13:32 ----A---- C:\Windows\system32\lsass.exe
2013-11-13 07:13:30 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-13 07:13:30 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 07:13:26 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-13 07:13:26 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-13 07:13:26 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-13 07:13:26 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:13:26 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-11 08:59:28 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2013-11-08 18:53:34 ----A---- C:\Windows\system32\drivers\revoflt.sys
2013-11-08 09:41:56 ----D---- C:\Program Files (x86)\Cheat Engine 6.3
2013-11-05 20:06:30 ----D---- C:\Program Files\trend micro
2013-11-03 21:13:19 ----D---- C:\ProgramData\AVAST Software
2013-10-31 22:11:40 ----D---- C:\Windows\SYSWOW64\directx
2013-10-31 21:57:40 ----D---- C:\Program Files (x86)\Steam
2013-10-31 17:17:09 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-10-31 17:17:09 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-10-31 17:17:09 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-10-31 17:17:09 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-10-31 17:17:09 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-10-31 17:17:09 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-10-31 17:17:08 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-10-31 17:17:08 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-10-31 17:17:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-10-31 17:17:08 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-10-31 17:17:08 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-10-31 17:17:08 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-10-31 17:17:07 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-10-31 17:17:07 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-10-31 17:17:07 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-10-31 17:17:07 ----A---- C:\Windows\system32\d3dx10_43.dll

======List of files/folders modified in the last 1 month======

2013-11-30 16:10:08 ----D---- C:\Windows\Prefetch
2013-11-30 16:06:23 ----D---- C:\Windows\inf
2013-11-30 16:06:23 ----D---- C:\Windows
2013-11-30 16:06:06 ----D---- C:\ProgramData
2013-11-30 16:05:38 ----D---- C:\Windows\system32\drivers
2013-11-30 15:58:22 ----D---- C:\Windows\System32
2013-11-30 15:58:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-30 15:54:11 ----D---- C:\ProgramData\NVIDIA
2013-11-30 15:53:41 ----D---- C:\Windows\system32\catroot2
2013-11-30 15:52:57 ----D---- C:\Qoobox
2013-11-30 15:46:24 ----A---- C:\Windows\system.ini
2013-11-30 15:45:17 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-30 15:45:17 ----D---- C:\Windows\SysWOW64
2013-11-30 15:45:17 ----D---- C:\Windows\AppPatch
2013-11-30 15:45:16 ----D---- C:\Program Files (x86)\Common Files
2013-11-30 15:37:57 ----D---- C:\Windows\system32\config
2013-11-30 14:22:34 ----D---- C:\Windows\SoftwareDistribution
2013-11-30 14:20:46 ----D---- C:\Users\marek\AppData\Roaming\uTorrent
2013-11-29 16:40:25 ----RSD---- C:\Windows\Fonts
2013-11-29 16:40:24 ----D---- C:\Windows\system32\Tasks
2013-11-29 16:00:39 ----D---- C:\Users\marek\AppData\Roaming\.minecraft
2013-11-29 05:56:17 ----SD---- C:\ProgramData\Shared Space
2013-11-28 18:26:29 ----D---- C:\Windows\Microsoft.NET
2013-11-28 06:52:05 ----D---- C:\Config.Msi
2013-11-28 06:51:28 ----SHD---- C:\Windows\Installer
2013-11-28 06:36:06 ----SHD---- C:\System Volume Information
2013-11-28 06:31:59 ----D---- C:\Windows\system32\catroot
2013-11-28 06:31:58 ----RD---- C:\Users
2013-11-28 06:31:58 ----D---- C:\Windows\system32\DriverStore
2013-11-28 06:31:58 ----D---- C:\Program Files\NVIDIA Corporation
2013-11-28 06:31:58 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-11-28 06:31:48 ----D---- C:\ProgramData\NVIDIA Corporation
2013-11-28 06:29:27 ----RD---- C:\Program Files (x86)
2013-11-28 06:26:41 ----D---- C:\Temp
2013-11-27 21:28:28 ----D---- C:\Program Files (x86)\Java
2013-11-27 21:12:40 ----RSD---- C:\Windows\assembly
2013-11-27 21:08:47 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-27 21:08:47 ----D---- C:\Windows\system32\en-US
2013-11-26 22:20:26 ----D---- C:\ProgramData\Comodo
2013-11-26 19:50:44 ----RD---- C:\Program Files
2013-11-26 19:49:18 ----D---- C:\Program Files\DIFX
2013-11-26 19:24:06 ----D---- C:\Windows\system32\drivers\etc
2013-11-25 23:31:02 ----D---- C:\Windows\panther
2013-11-25 23:31:02 ----D---- C:\Windows\Logs
2013-11-25 23:28:34 ----D---- C:\Windows\winsxs
2013-11-25 23:26:53 ----D---- C:\Windows\SYSWOW64\wbem
2013-11-25 23:26:53 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-11-25 23:26:53 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-11-25 23:26:53 ----D---- C:\Windows\SYSWOW64\migration
2013-11-25 23:26:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-25 23:26:53 ----D---- C:\Windows\system32\sk-SK
2013-11-25 23:26:53 ----D---- C:\Program Files\Internet Explorer
2013-11-25 23:26:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-25 23:26:52 ----D---- C:\Windows\system32\wbem
2013-11-25 23:26:52 ----D---- C:\Windows\system32\pl-PL
2013-11-25 23:26:52 ----D---- C:\Windows\system32\migration
2013-11-25 23:26:52 ----D---- C:\Windows\system32\cs-CZ
2013-11-25 23:26:52 ----D---- C:\Windows\PolicyDefinitions
2013-11-25 22:18:59 ----SD---- C:\ProgramData\Microsoft
2013-11-24 22:35:47 ----SD---- C:\Users\marek\AppData\Roaming\Microsoft
2013-11-24 21:53:21 ----D---- C:\Windows\system32\NDF
2013-11-24 19:40:45 ----DC---- C:\Windows\system32\DRVSTORE
2013-11-24 18:57:34 ----D---- C:\Program Files\COMODO
2013-11-23 23:11:47 ----D---- C:\ProgramData\Ashampoo
2013-11-21 09:01:56 ----D---- C:\Windows\rescache
2013-11-18 16:50:07 ----D---- C:\Program Files (x86)\Cheat Engine 6.2
2013-11-14 12:56:47 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-11-14 12:56:45 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-11-14 12:56:36 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-11-14 12:56:25 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-11-14 12:56:25 ----A---- C:\Windows\system32\nvapi64.dll
2013-11-14 12:38:02 ----A---- C:\Windows\system32\cmdcsr.dll
2013-11-13 20:59:37 ----D---- C:\Windows\debug
2013-11-13 07:16:49 ----D---- C:\Windows\system32\MRT
2013-11-13 07:16:07 ----A---- C:\Windows\system32\MRT.exe
2013-11-11 16:02:02 ----A---- C:\Windows\system32\nvsvc64.dll
2013-11-11 16:02:02 ----A---- C:\Windows\system32\nvcpl.dll
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nvvsvc.exe
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nvsvcr.dll
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nvshext.dll
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nvmctray.dll
2013-11-08 00:20:24 ----D---- C:\Program Files\SUPERAntiSpyware
2013-11-03 21:14:14 ----D---- C:\Program Files\Windows Sidebar

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-09-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-11-14 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-09-24 48872]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-09-24 96800]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-10-27 196384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-03 677480]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-11 2182768]
S0 tljkva;tljkva; C:\Windows\system32\drivers\tljkva.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-09-29 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-09-29 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-09-29 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 FileMonitor;FileMonitor; \??\C:\Moje Subory\Programy\IObit Malware Fighter 2\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys []
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-10-20 6254152]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 164056]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-25 111616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-31 1255736]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-11 27760]

-----------------EOF-----------------

[motji]

Co ten použitý combofix? . když se ptáte na ten virut, nenapsal Vám právě combofix, že je napadený? Máte log?
Jste tu už nějakou dobu, jistě víte, že se nedoporučuje spouštět combofix bez dozoru rádců, nehledě na to, že log je ted čistý, nebot combofix mohl smazat stopy po infekci .

Stahněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=115222
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[ringov]

ComboFix je určen pro pokročilé uživatele a specialisty, kteří správně rozpoznají, kdy je vhodné použít ComboFix. Pokud si nejste jisti, zda je pro váš systém vhodné ComboFix použít, vyhledejte odbornou radu. Při neodborném použití může dojít ke ztrátě dat nebo poškození operačního systému.-----------------------------------nemam log lebo som potom použil T -cleaner ale combofix nenasiel nič.Ani MBAM nič nenašiel ale aj tak je pc pomalši ako pred tym.Za Combofix sa ospravedulnujem.

[motji]

A Vy rozpoznáte, zda je vhodné jej použít? problém je, že Vy jej použijete, on mi skryje stopy po havěti a já pak v logu nic nevidím. Stahoval jste nějaký neznámý soubor?

[ringov]

Nie nerozpoznam či je ho vhodne použit,to bola iba moja hlupost,neviem čitat logy hoci by som chcel.Log bol čisty?diky

[motji]

Čistý byl, po použití combofixu. Máte na disku složku qoobox, prosím zararujte ji a pošlete třeba na leteckou poštu, link mi sem vložte .
CCleaner používáte?
A stále jste mi neodpověděl na moji otázku

Stahoval jste nějaký neznámý soubor?

[ringov]

Stahoval som nejake hry-----------------http://leteckaposta.cz/282180027.Pc už ide lepšie,bol problem z pripojenim :)Ccleaner použivam

[motji]

Já potřebuji celý qoobox.

[motji]

Tak se omlouvám, celý qoobox už nemáte po použití t-cleaneru.
Pokud je z pc vše v pořádku,je to vše.

[ringov]

Pc ide dobre,dakujem za pomoc