
dwm.exe - virus

force
Visitor
Posts: 16
Registered: 06 Jan 2014 23:38

dwm.exe - virus

#1 Post by force »

Good day,
a dwm.exe process keeps starting on my laptop and completely eats up my RAM. I know that one of them is the Desktop Window Manager (Aero) process, but there is a second one running, and its description says only "dwm". I think it is a virus. Could you please advise me? Thank you

force
Visitor
Posts: 16
Registered: 06 Jan 2014 23:38

Re: dwm.exe - virus

#2 Post by force »

[Attachment: dwm.png (166.4 KiB)]

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: dwm.exe - virus

#3 Post by vyosek »

Greetings and good evening :)

Since we know nothing about your PC, and a crystal ball is hard to read, all the more so at night when nothing can be seen :o

But enough joking, let's take a look ;) Post a log from RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784 - the guide will walk you through it...

"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member since 1 February 2011.

force
Visitor
Posts: 16
Registered: 06 Jan 2014 23:38

Re: dwm.exe - virus

#4 Post by force »

Thank you for your willingness to help. Here is the log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ondrej at 2014-01-07 00:14:30
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 311 GB (65%) free of 477 GB
Total RAM: 3941 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:14:52, on 7. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera_crashreporter.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
C:\Program Files\trend micro\Ondrej.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [{CDF13D74-E6AA-4006-818A-B360D6A3573C}] "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [tsiVideo] C:\Windows\SysWOW64\rundll32.exe C:\Users\Ondrej\AppData\Local\Temp\\mdi164.dll,runme
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll ,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12076 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
"C:\Program Files (x86)\Launch Manager\WisLMSvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-926446245-110751209-2016680781355820986814007287-2053597233688659694-1857619958
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Users\Ondrej\AppData\Local\Temp\\mdi164.dll,runme
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
taskmgr.exe /3
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --ran-launcher /crash-reporter-parent-id=6740
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=gpu-process --channel="6740.0.484524834\1623102756" --crash-reporter-pid=6728 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --disable-accelerated-video-decode --reduce-gpu-sandbox --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2656 --crash-reporter-pid=6728 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=renderer --lang=sk --extension-process --disable-client-side-phishing-detection --crash-reporter-pid=6728 --disable-accelerated-video-decode --channel="6740.1.395952008\1889052289" /prefetch:673131151
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=renderer --lang=sk --disable-client-side-phishing-detection --crash-reporter-pid=6728 --disable-accelerated-video-decode --channel="6740.4.1681298321\1147564029" /prefetch:673131151
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=renderer --lang=sk --extension-process --disable-client-side-phishing-detection --crash-reporter-pid=6728 --disable-accelerated-video-decode --channel="6740.6.1100024441\1083165790" /prefetch:673131151
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=renderer --lang=sk --extension-process --disable-client-side-phishing-detection --crash-reporter-pid=6728 --disable-accelerated-video-decode --channel="6740.7.90539625\567765013" /prefetch:673131151
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=renderer --lang=sk --extension-process --disable-client-side-phishing-detection --crash-reporter-pid=6728 --disable-accelerated-video-decode --channel="6740.8.307759139\422537" /prefetch:673131151
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=renderer --lang=sk --disable-client-side-phishing-detection --crash-reporter-pid=6728 --disable-accelerated-video-decode --channel="6740.163.1595493814\171028705" /prefetch:673131151
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
"C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" -scan -tt_on
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --lang=sk --channel="6740.260.1581202273\1005000283" --crash-reporter-pid=6728 /prefetch:-390060480
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=renderer --lang=sk --disable-client-side-phishing-detection --crash-reporter-pid=6728 --disable-accelerated-video-decode --channel="6740.363.690949066\2060903249" /prefetch:673131151
"C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe" --type=renderer --lang=sk --disable-client-side-phishing-detection --crash-reporter-pid=6728 --disable-accelerated-video-decode --channel="6740.366.677437168\90193843" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe16_ Global\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Ondrej\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\9f56kzqt.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-11-03 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-04 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-04 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-10 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-28 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-03 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-10 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-11-03 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-03 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-24 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-24 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-24 440600]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-10 12445288]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-12-21 368728]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-10-28 984224]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-10-28 800416]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-11-03 8069024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-11-03 6201248]
"IntelWirelessWiMAX"=C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [2011-12-01 1626112]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"tsiVideo"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"snp2uvc"=C:\Windows\vsnp2uvc.exe []
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-26 291608]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"=C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [2012-03-01 415272]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-03 3567800]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre7\bin\jusched.exe []
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-08-26 1989920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-17 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-07 00:14:38 ----D---- C:\Program Files\trend micro
2014-01-07 00:14:30 ----D---- C:\rsit
2014-01-06 23:43:11 ----A---- C:\autoexec.bat
2014-01-06 23:42:23 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2014-01-06 23:42:05 ----D---- C:\sh4ldr
2014-01-06 23:42:05 ----D---- C:\Program Files\Enigma Software Group
2014-01-06 23:39:47 ----D---- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-06 21:30:37 ----D---- C:\Program Files (x86)\CommViewWiFi
2014-01-05 22:15:21 ----D---- C:\Users\Ondrej\AppData\Roaming\NetBeans
2014-01-05 14:26:16 ----A---- C:\Windows\system32\tsnotify.dll
2014-01-05 14:26:16 ----A---- C:\Windows\system32\drivers\tscomm.sys
2014-01-03 17:30:23 ----D---- C:\ProgramData\TamoSoft
2013-12-18 23:09:52 ----D---- C:\ProgramData\PDFEditor
2013-12-18 23:09:49 ----D---- C:\Users\Ondrej\AppData\Roaming\Wondershare
2013-12-18 15:23:10 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-12-18 15:23:10 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-12-14 10:27:22 ----D---- C:\ProgramData\FLEXnet
2013-12-14 10:07:08 ----D---- C:\Program Files\Common Files\Autodesk Shared
2013-12-14 09:55:53 ----D---- C:\Users\Ondrej\AppData\Roaming\Autodesk
2013-12-14 09:55:53 ----D---- C:\ProgramData\Autodesk
2013-12-13 18:20:56 ----D---- C:\Users\Ondrej\AppData\Roaming\Quest3D
2013-12-12 22:33:12 ----D---- C:\Users\Ondrej\AppData\Roaming\Caphyon
2013-12-12 22:31:15 ----D---- C:\ProgramData\regid.2003-04.com.caphyon
2013-12-12 22:31:15 ----D---- C:\Program Files (x86)\Caphyon
2013-12-12 22:30:17 ----D---- C:\ProgramData\Caphyon
2013-12-10 08:24:34 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-12-10 08:24:34 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-12-10 08:24:34 ----A---- C:\Windows\SYSWOW64\java.exe
2013-12-10 08:23:21 ----D---- C:\ProgramData\Oracle
2013-12-10 08:22:59 ----D---- C:\ProgramData\Sun
2013-12-10 08:22:41 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-12-10 08:22:27 ----D---- C:\Program Files (x86)\Java
2013-12-10 08:18:41 ----D---- C:\Users\Ondrej\AppData\Roaming\Mozilla
2013-12-10 08:18:33 ----D---- C:\ProgramData\Mozilla
2013-12-10 08:18:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-10 08:18:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-08 17:57:49 ----D---- C:\Program Files (x86)\MSECache

======List of files/folders modified in the last 1 month======

2014-01-07 00:14:38 ----RD---- C:\Program Files
2014-01-06 23:42:34 ----SHD---- C:\Windows\Installer
2014-01-06 23:42:27 ----D---- C:\Windows\Temp
2014-01-06 23:42:25 ----D---- C:\Windows\system32\drivers
2014-01-06 23:42:20 ----D---- C:\Windows\system32\Tasks
2014-01-06 23:41:06 ----SHD---- C:\System Volume Information
2014-01-06 23:39:47 ----AD---- C:\Windows
2014-01-06 23:39:37 ----D---- C:\Program Files (x86)\Common Files
2014-01-06 23:34:10 ----D---- C:\Windows\system32\config
2014-01-06 22:31:30 ----A---- C:\Windows\SYSWOW64\log.txt
2014-01-06 22:30:46 ----D---- C:\Users\Ondrej\AppData\Roaming\uTorrent
2014-01-06 22:18:03 ----D---- C:\Windows\Prefetch
2014-01-06 21:51:00 ----D---- C:\Windows\system32\NDF
2014-01-06 21:37:05 ----SD---- C:\ProgramData\Microsoft
2014-01-06 21:30:37 ----RD---- C:\Program Files (x86)
2014-01-06 21:07:49 ----AD---- C:\Windows\System32
2014-01-06 21:05:17 ----D---- C:\Windows\SysWOW64
2014-01-05 14:52:22 ----RD---- C:\Users
2014-01-05 14:52:22 ----HD---- C:\ProgramData
2014-01-05 14:48:08 ----D---- C:\Windows\inf
2014-01-05 14:48:07 ----D---- C:\Windows\system32\DriverStore
2014-01-05 14:48:07 ----D---- C:\Windows\system32\catroot
2014-01-05 14:30:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-05 14:28:08 ----D---- C:\Windows\system32\catroot2
2014-01-05 14:01:03 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2014-01-03 17:32:04 ----SD---- C:\Users\Ondrej\AppData\Roaming\Microsoft
2014-01-02 11:43:54 ----D---- C:\Games
2013-12-30 18:17:20 ----D---- C:\Windows\Tasks
2013-12-30 18:17:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-23 21:13:19 ----D---- C:\Users\Ondrej\AppData\Roaming\Atheros
2013-12-20 20:23:24 ----D---- C:\Windows\system32\oobe
2013-12-18 16:16:17 ----D---- C:\ProgramData\Unity
2013-12-18 16:15:58 ----D---- C:\Users\Ondrej\AppData\Roaming\Unity
2013-12-18 15:24:27 ----D---- C:\Windows\Microsoft.NET
2013-12-17 06:01:05 ----D---- C:\Program Files (x86)\Opera
2013-12-15 17:46:00 ----RSD---- C:\Windows\assembly
2013-12-14 15:01:48 ----D---- C:\Windows\winsxs
2013-12-14 14:53:48 ----D---- C:\Users\Ondrej\AppData\Roaming\Seznam.cz
2013-12-14 14:51:47 ----D---- C:\Windows\system32\appmgmt
2013-12-14 14:42:21 ----RSD---- C:\Windows\Fonts
2013-12-14 14:40:51 ----D---- C:\Program Files\Common Files
2013-12-14 10:02:27 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-14 10:00:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-14 10:00:53 ----D---- C:\Windows\system32\en-US
2013-12-13 18:21:58 ----D---- C:\Windows\LiveKernelReports
2013-12-10 03:13:11 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2013-12-10 03:13:01 ----A---- C:\Windows\system32\nvspcap64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-03 205320]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2013-11-03 39008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-14 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-03 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-03 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-08 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-03 65264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-03 283064]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-03 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-03 84328]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2013-11-03 30816]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-12-15 85080]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-10-28 36000]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2011-11-30 84480]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-10-28 330912]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-10-28 110240]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-10-28 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-10-28 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-10-28 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-10-28 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-10-28 521376]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-17 14692896]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-10 4731112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-10-11 3532160]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
R3 TS_ARN5416;[CommView] Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\ts_athrx.sys [2013-08-16 3543752]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-05-24 2750464]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 22704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184]
S3 TSCOMM;CommStudio Virtual Adapter by TamoSoft; C:\Windows\system32\DRIVERS\tscomm.sys [2008-11-12 50728]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-10-28 106144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-03 50344]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-11-30 514048]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-10-18 1025408]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 156016]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-11-30 979456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-24 276248]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-04 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

force
Visitor
Posts: 16
Registered: 06 Jan 2014 23:38

Re: dwm.exe - virus

#5 Post by force »

btw... it started again, and in Task Manager I managed to display the process properties....
dwm1.PNG (89.47 KiB) Viewed 4875 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: dwm.exe - virus

#6 Post by vyosek »

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT CAPACITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY END UP DEAD
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antiviruses, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator
  • Right after it starts, a page with the license agreement appears; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click into the window that appears
  • The scan should take about 10 min, but if the PC is heavily infested it may take longer
  • After the scan finishes and a possible restart, CF shows a log; otherwise you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed walkthrough including pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.
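The thread's real question is whether the second dwm.exe is the genuine Desktop Window Manager, and that comes down to where its image file lives: the real one is C:\Windows\System32\dwm.exe, while the copy ComboFix later removes sits under the user's Temp folder. Added example, not part of this thread or of RSIT/Rkill/ComboFix: it applies that "right name, wrong directory" check to paths pulled from log lines; the watch list and the sample lines are constructed for the example.

```python
"""Flag files that borrow the name of a Windows system binary but live
outside the directory where the real one belongs.

Added example, not part of the forum thread or of RSIT/Rkill/ComboFix.
The real Desktop Window Manager is C:\\Windows\\System32\\dwm.exe; the
second dwm.exe in this thread turns up in ComboFix's "Other Deletions"
under the user's Temp folder, and that location mismatch is the check below.
"""
import ntpath
import re
from typing import Iterable, List, Tuple

SYSTEM_ROOT = r"c:\windows"

# Watched binary names and the %SystemRoot% subdirectories where the real
# copy lives. Illustrative watch list, constructed for this example; extend
# it with the names you care about.
SYSTEM_BINARIES = {
    "dwm.exe": ("system32",),
    "svchost.exe": ("system32", "syswow64"),
    "explorer.exe": ("",),  # %SystemRoot% itself
    "csrss.exe": ("system32",),
    "lsass.exe": ("system32",),
    "winlogon.exe": ("system32",),
}

# A Windows path ending in an executable-style extension, delimited by
# whitespace, quotes, brackets or end of line (RSIT/ComboFix lines often
# append "[date size]" after the path).
PATH_RE = re.compile(r'([a-z]:\\.*?\.(?:exe|dll|sys))(?=[\s"\[\]]|$)', re.IGNORECASE)


def classify(path: str) -> Tuple[str, str]:
    """Return (verdict, reason) for one path.

    verdict is 'ok' (watched name in its expected directory), 'suspicious'
    (watched name anywhere else) or 'ignore' (name not on the watch list).
    Comparison is case-insensitive, as NTFS paths are.
    """
    norm = path.strip().lower().replace("/", "\\")
    directory, name = ntpath.split(norm)
    if name not in SYSTEM_BINARIES:
        return "ignore", "name not on the watch list"
    allowed = {
        ntpath.join(SYSTEM_ROOT, sub).rstrip("\\") for sub in SYSTEM_BINARIES[name]
    }
    if directory in allowed:
        return "ok", "expected location"
    return "suspicious", f"{name} belongs under {' or '.join(sorted(allowed))}, found in {directory}"


def scan_log(lines: Iterable[str]) -> List[Tuple[str, str, str]]:
    """Apply classify() to every Windows path found in the given log lines.

    Returns (path, verdict, reason) for each watched name, 'ok' hits
    included, so the reviewer sees the legitimate copy next to the impostor.
    """
    findings = []
    for line in lines:
        for match in PATH_RE.finditer(line):
            path = match.group(1)
            verdict, reason = classify(path)
            if verdict != "ignore":
                findings.append((path, verdict, reason))
    return findings


# Constructed sample lines, modelled on the RSIT and ComboFix output in this
# thread; the Temp\iswizard05 path is the one ComboFix deleted.
SAMPLE_LOG = r"""
c:\users\Ondrej\AppData\Local\Temp\iswizard05\dwm.exe
c:\users\Ondrej\AppData\Local\Temp\mdi164.dll
C:\Windows\System32\dwm.exe
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-03 3567800]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
C:\Users\Ondrej\Downloads\svchost.exe
""".strip().splitlines()

if __name__ == "__main__":
    for path, verdict, reason in scan_log(SAMPLE_LOG):
        print(f"{verdict:10} {path}  ({reason})")
```

The same check can be run against Task Manager's "Image Path Name" column or a process listing: a watched name that is not under the directory it belongs to deserves a closer look before anything else.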

force
Visitor
Posts: 16
Registered: 06 Jan 2014 23:38

Re: dwm.exe - virus

#7 Post by force »

here is the log from Rkill:

Rkill 2.6.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/07/2014 09:56:14 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Ondrej\Desktop\rkill\rkill-01-07-2014-09-56-18.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/07/2014 09:56:50 AM
Execution time: 0 hours(s), 0 minute(s), and 36 seconds(s)


and the log from combofix

ComboFix 14-01-04.03 - Ondrej . 01. 2014 10:01:44.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1029.18.3941.1878 [GMT 1:00]
Running from: c:\users\Ondrej\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 12 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Ondrej\AppData\Local\assembly\tmp
c:\users\Ondrej\AppData\Local\Temp\iswizard05\dwm.exe
c:\users\Ondrej\AppData\Local\Temp\mdi164.dll
c:\windows\SysWow64\html
c:\windows\SysWow64\images
.
.
((((((((((((((((((((((((( Files Created from 2013-12-07 to 2014-01-07 )))))))))))))))))))))))))))))))
.
.
2014-01-07 09:12 . 2014-01-07 09:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-06 23:58 . 2014-01-06 23:58 -------- d-----w- c:\programdata\McAfee
2014-01-06 23:14 . 2014-01-06 23:14 -------- d-----w- c:\program files\trend micro
2014-01-06 23:14 . 2014-01-06 23:15 -------- d-----w- C:\rsit
2014-01-06 22:39 . 2014-01-06 23:50 -------- d-----w- c:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-06 22:39 . 2014-01-06 22:39 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-06 20:30 . 2014-01-06 21:30 -------- d-----w- c:\program files (x86)\CommViewWiFi
2014-01-05 21:15 . 2014-01-05 21:15 -------- d-----w- c:\users\Ondrej\AppData\Roaming\NetBeans
2014-01-05 21:15 . 2014-01-05 21:15 -------- d-----w- c:\users\Ondrej\AppData\Local\NetBeans
2014-01-05 13:26 . 2008-11-12 13:40 56872 ----a-w- c:\windows\system32\tsnotify.dll
2014-01-05 13:26 . 2008-11-12 13:40 50728 ----a-w- c:\windows\system32\drivers\tscomm.sys
2014-01-03 16:30 . 2014-01-06 21:30 -------- d-----w- c:\programdata\TamoSoft
2013-12-20 19:20 . 2013-12-20 19:35 -------- d-----w- c:\users\Ondrej\AppData\Local\http___www.julien-manici
2013-12-18 22:10 . 2013-12-18 22:10 -------- d-----w- c:\users\Ondrej\AppData\Local\Wondershare
2013-12-18 22:10 . 2013-12-18 22:10 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
2013-12-18 22:09 . 2013-12-18 22:26 -------- d-----w- c:\programdata\PDFEditor
2013-12-18 22:09 . 2013-12-18 22:11 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Wondershare
2013-12-18 14:23 . 2013-12-05 08:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-18 14:23 . 2013-12-05 08:42 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-14 09:27 . 2013-12-14 09:27 -------- d-----w- c:\programdata\FLEXnet
2013-12-14 09:25 . 2013-12-14 09:27 -------- d-----w- c:\users\Ondrej\AppData\Local\Autodesk
2013-12-14 09:07 . 2013-12-14 13:43 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2013-12-14 09:07 . 2013-12-14 13:43 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
2013-12-14 08:55 . 2013-12-14 13:43 -------- d-----w- c:\programdata\Autodesk
2013-12-14 08:55 . 2013-12-14 09:25 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Autodesk
2013-12-13 17:20 . 2013-12-13 17:20 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Quest3D
2013-12-12 21:33 . 2013-12-12 21:33 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Caphyon
2013-12-12 21:31 . 2013-12-12 21:31 -------- d-----w- c:\programdata\regid.2003-04.com.caphyon
2013-12-12 21:31 . 2013-12-12 21:31 -------- d-----w- c:\program files (x86)\Caphyon
2013-12-12 21:30 . 2013-12-16 12:13 -------- d-----w- c:\programdata\Caphyon
2013-12-08 16:57 . 2013-12-08 16:57 -------- d-----w- c:\program files (x86)\MSECache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-30 17:17 . 2013-11-04 04:46 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-30 17:17 . 2013-11-04 04:46 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-10 02:13 . 2013-11-03 18:38 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-03 18:38 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-11-03 18:27 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-11-14 11:58 . 2013-12-03 04:52 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:58 . 2013-12-03 04:52 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-11-14 11:58 . 2013-11-03 17:22 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:58 . 2013-12-03 04:52 9619872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-11-14 11:58 . 2013-12-03 04:52 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-11-14 11:58 . 2013-11-03 18:27 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-11-14 11:58 . 2013-12-03 04:52 11514624 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-14 11:58 . 2013-12-03 04:52 30361888 ----a-w- c:\windows\system32\nvoglv64.dll
2013-11-14 11:58 . 2013-12-03 04:52 22951200 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-11-14 11:58 . 2013-12-03 04:52 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-11-14 11:58 . 2013-12-03 04:52 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-11-14 11:58 . 2013-12-03 04:52 12613408 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-11-14 11:58 . 2013-11-03 17:22 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-11-14 11:58 . 2013-11-03 17:22 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-11-14 11:58 . 2013-12-03 04:52 707360 ----a-w- c:\windows\system32\NvFBC64.dll
2013-11-14 11:58 . 2013-12-03 04:52 657184 ----a-w- c:\windows\system32\NvIFR64.dll
2013-11-14 11:58 . 2013-12-03 04:52 609568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-11-14 11:58 . 2013-12-03 04:52 562464 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-11-14 11:58 . 2013-12-03 04:52 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:58 . 2013-12-03 04:52 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-11-14 11:58 . 2013-12-03 04:52 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2013-11-14 11:58 . 2013-12-03 04:52 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-14 11:58 . 2013-12-03 04:52 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-14 11:58 . 2013-12-03 04:52 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-11-14 11:58 . 2013-12-03 04:52 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-11-14 11:58 . 2013-12-03 04:52 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-11-14 11:58 . 2013-12-03 04:52 9691888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-11-14 11:58 . 2013-12-03 04:52 11600432 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-14 11:58 . 2013-12-03 04:52 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-11-14 11:58 . 2013-12-03 04:52 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-14 11:58 . 2013-11-03 18:27 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-14 11:58 . 2013-11-03 17:22 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-11 15:02 . 2013-11-03 17:23 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2013-11-03 17:23 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2013-11-03 17:23 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2013-11-03 17:23 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-11-11 15:01 . 2013-11-03 17:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2013-11-03 17:23 598304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-11-11 15:01 . 2013-11-03 17:23 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-11-11 15:01 . 2013-11-03 17:23 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2013-11-03 17:23 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-11-11 15:01 . 2013-11-03 17:23 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-08 15:52 . 2013-11-03 19:41 409832 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-11-04 18:08 . 2013-11-04 18:08 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-04 18:08 . 2013-11-04 18:08 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-04 18:08 . 2013-11-04 18:08 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-04 18:08 . 2013-11-04 18:08 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-04 18:08 . 2013-11-04 18:08 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-04 18:08 . 2013-11-04 18:08 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-04 18:08 . 2013-11-04 18:08 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-04 18:08 . 2013-11-04 18:08 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-04 18:08 . 2013-11-04 18:08 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-11-04 18:08 . 2013-11-04 18:08 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-04 18:08 . 2013-11-04 18:08 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-04 18:08 . 2013-11-04 18:08 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-04 18:08 . 2013-11-04 18:08 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-04 18:08 . 2013-11-04 18:08 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-04 18:08 . 2013-11-04 18:08 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-04 18:08 . 2013-11-04 18:08 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-04 18:08 . 2013-11-04 18:08 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-04 18:08 . 2013-11-04 18:08 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-04 18:08 . 2013-11-04 18:08 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-04 18:08 . 2013-11-04 18:08 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-04 18:08 . 2013-11-04 18:08 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-04 18:08 . 2013-11-04 18:08 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-04 18:08 . 2013-11-04 18:08 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-11-04 18:08 . 2013-11-04 18:08 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-11-04 18:08 . 2013-11-04 18:08 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-04 18:08 . 2013-11-04 18:08 197120 ----a-w- c:\windows\system32\msrating.dll
2013-11-04 18:08 . 2013-11-04 18:08 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-04 18:08 . 2013-11-04 18:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-11-04 18:08 . 2013-11-04 18:08 216064 ----a-w- c:\windows\system32\msls31.dll
2013-11-04 18:08 . 2013-11-04 18:08 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-04 18:08 . 2013-11-04 18:08 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-04 18:08 . 2013-11-04 18:08 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-04 18:08 . 2013-11-04 18:08 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-04 18:08 . 2013-11-04 18:08 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-11-04 18:08 . 2013-11-04 18:08 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-04 18:08 . 2013-11-04 18:08 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-11-04 18:08 . 2013-11-04 18:08 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-04 18:08 . 2013-11-04 18:08 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-04 18:08 . 2013-11-04 18:08 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-04 18:08 . 2013-11-04 18:08 441856 ----a-w- c:\windows\system32\html.iec
2013-11-04 18:08 . 2013-11-04 18:08 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-11-04 18:08 . 2013-11-04 18:08 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-04 18:08 . 2013-11-04 18:08 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-04 18:08 . 2013-11-04 18:08 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-04 18:08 . 2013-11-04 18:08 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-11-04 18:08 . 2013-11-04 18:08 235008 ----a-w- c:\windows\system32\url.dll
2013-11-04 18:08 . 2013-11-04 18:08 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-11-04 18:08 . 2013-11-04 18:08 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-04 18:08 . 2013-11-04 18:08 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-04 18:08 . 2013-11-04 18:08 144896 ----a-w- c:\windows\system32\wextract.exe
2013-11-04 18:08 . 2013-11-04 18:08 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-04 18:08 . 2013-11-04 18:08 102912 ----a-w- c:\windows\system32\inseng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2012-03-01 415272]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-03 3567800]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2013-08-26 1989920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys;c:\windows\SYSNATIVE\DRIVERS\cv2k1.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;c:\windows\system32\DRIVERS\tscomm.sys;c:\windows\SYSNATIVE\DRIVERS\tscomm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S2 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe;c:\program files (x86)\Launch Manager\WisLMSvc.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 TS_ARN5416;[CommView] Atheros Extensible Wireless LAN device driver;c:\windows\system32\DRIVERS\ts_athrx.sys;c:\windows\SYSNATIVE\DRIVERS\ts_athrx.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-03 19:41 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-24 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-24 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-24 440600]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-10 12445288]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-12-21 368728]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-10-28 984224]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-10-28 800416]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-11-03 8069024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-11-03 6201248]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2011-12-01 1626112]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\9f56kzqt.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-snp2uvc - c:\windows\vsnp2uvc.exe
Wow6432Node-HKLM-Run-seznam-listicka-distribuce - c:\program files (x86)\Seznam.cz\distribution\szninstall.exe
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre7\bin\jusched.exe
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-07 10:26:17
ComboFix-quarantined-files.txt 2014-01-07 09:26
.
Pre-Run: Volných bajtů: 325 739 536 384
Post-Run: Volných bajtů: 325 410 091 008
.
- - End Of File - - CE2CE50758FA4BD7B58377167CA44185

User avatar
vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: dwm.exe - virus

#8 Post by vyosek »

:arrow: If you haven't already, move ComboFix to the desktop
  • Start Notepad (Start - Run - notepad)
  • Copy the script below

    KillAll::
    
    Folder::
    C:\sh4ldr
    C:\Program Files\Enigma Software Group
    
    File::
    C:\Windows\system32\drivers\EsgScanner.sys
    
    Registry::
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Nvtmru"=-
    "NvBackend"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "tsiVideo"=-
    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
    "seznam-listicka-distribuce"=-
    "SunJavaUpdateSched"=-
    "Wondershare Helper Compact.exe"=-
    
    Driver::
    esgiguard
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Save the resulting TXT as CFScript.txt
  • Drag the created CFScript.txt onto ComboFix and release it (see image below)
    Image
  • After the script has been applied (and after a possible restart) a log will pop up; paste its contents here
:arrow: If the message "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni" pops up, just restart the PC - the registry sorts itself out - it is an internal error caused by CF which the author unfortunately has not yet been able to fix

:arrow: It can happen that Windows does not boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is not a man, that is an ox."
Member since 1 February 2011.
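As an added check for the procedure above (example code written for this thread, not part of ComboFix and not the helper's own), the following Python parses the Registry:: and Driver:: sections of a CFScript and compares them with the ComboFix log produced after the script ran: it reports autorun values the script asked to delete that the log still lists, drivers whose removal the log does not confirm, and script lines that do not have the `"Name"=-` form. The script and log excerpts inside it are constructed from this thread's content, not copied verbatim.

```python
import re

# Constructed CFScript excerpt modelled on the helper's script in this thread;
# the '"tsiVideo"-' line is deliberately malformed (it is missing the '=').
CFSCRIPT = r"""KillAll::
Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=-
"NvBackend"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"tsiVideo"-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Wondershare Helper Compact.exe"=-

Driver::
esgiguard

Reboot::
"""

# Constructed post-run ComboFix log excerpt; the Wondershare autorun entry is
# left in place on purpose so the checker has something to report.
POST_RUN_LOG = r"""((((((((((((( Drivers/Services )))))))))))))
.
-------\Legacy_ESGIGUARD
-------\Service_esgiguard
.
((((((((((((( Reg Loading Points )))))))))))))
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\IAStorIcon.exe" [2011-11-29 284440]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\WSHelper.exe" [2013-08-26 1989920]
.
"""

SECTION_RE = re.compile(r"^(\w+)::\s*$")    # Registry::, Driver::, ...
KEY_RE = re.compile(r"^\[(.+)\]\s*$")        # [HKEY_...]
VALUE_RE = re.compile(r'^"([^"]+)"\s*=')     # "Name"=...
DELETE_RE = re.compile(r'^"([^"]+)"=-$')     # "Name"=-  (delete the value)


def parse_cfscript(text):
    """Return {section: [lines]}; a CFScript section header ends in '::'."""
    sections, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif line and current:
            sections[current].append(line)
    return sections


def registry_requests(sections):
    """Split Registry:: into (key, name) deletions and malformed lines.
    Keys are lower-cased because the log prints them with mixed case."""
    deletions, malformed, key = [], [], None
    for line in sections.get("Registry", []):
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()
            continue
        m = DELETE_RE.match(line)
        if m and key:
            deletions.append((key, m.group(1)))
        elif not VALUE_RE.match(line):
            malformed.append(line)  # neither a key nor "Name"=..., so flag it
    return deletions, malformed


def loading_points(log_text):
    """Map lower-cased registry key -> value names the log still lists."""
    points, key = {}, None
    for line in (raw.strip() for raw in log_text.splitlines()):
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()
            points.setdefault(key, set())
        elif key and VALUE_RE.match(line):
            points[key].add(VALUE_RE.match(line).group(1))
    return points


def removed_services(log_text):
    """Services whose removal the log confirms with '-------\\Service_<name>'."""
    return {m.group(1).lower()
            for m in re.finditer(r"^-------\\Service_(\S+)", log_text, re.M)}


def verify(cfscript_text, log_text):
    """Return the parts of the script the post-run log does not confirm."""
    sections = parse_cfscript(cfscript_text)
    deletions, malformed = registry_requests(sections)
    points, gone = loading_points(log_text), removed_services(log_text)
    return {
        "values_still_present": [(k, n) for k, n in deletions if n in points.get(k, ())],
        "drivers_unconfirmed": [d for d in sections.get("Driver", []) if d.lower() not in gone],
        "malformed_registry_lines": malformed,
    }
```

Run `verify(CFSCRIPT, POST_RUN_LOG)` against a real post-run log by pasting the log's Drivers/Services and Reg Loading Points blocks into POST_RUN_LOG; an empty result for all three lists means every request in the script is accounted for.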

force
Visitor
Visitor
Posts: 16
Registered: 06 Jan 2014 23:38

Re: dwm.exe - virus

#9 Post by force »

Here is the log generated after the restart

ComboFix 14-01-04.03 - Ondrej . 01. 2014 11:04:16.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1029.18.3941.1889 [GMT 1:00]
Running from: c:\users\Ondrej\Desktop\ComboFix.exe
Command switches used :: c:\users\Ondrej\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\EsgScanner.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ESGIGUARD
-------\Service_esgiguard
.
.
((((((((((((((((((((((((( Files Created from 2013-12-07 to 2014-01-07 )))))))))))))))))))))))))))))))
.
.
2014-01-07 10:15 . 2014-01-07 10:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-06 23:58 . 2014-01-06 23:58 -------- d-----w- c:\programdata\McAfee
2014-01-06 23:14 . 2014-01-06 23:14 -------- d-----w- c:\program files\trend micro
2014-01-06 23:14 . 2014-01-06 23:15 -------- d-----w- C:\rsit
2014-01-06 22:39 . 2014-01-06 23:50 -------- d-----w- c:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-06 22:39 . 2014-01-06 22:39 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-06 20:30 . 2014-01-06 21:30 -------- d-----w- c:\program files (x86)\CommViewWiFi
2014-01-05 21:15 . 2014-01-05 21:15 -------- d-----w- c:\users\Ondrej\AppData\Roaming\NetBeans
2014-01-05 21:15 . 2014-01-05 21:15 -------- d-----w- c:\users\Ondrej\AppData\Local\NetBeans
2014-01-05 13:26 . 2008-11-12 13:40 56872 ----a-w- c:\windows\system32\tsnotify.dll
2014-01-05 13:26 . 2008-11-12 13:40 50728 ----a-w- c:\windows\system32\drivers\tscomm.sys
2014-01-03 16:30 . 2014-01-06 21:30 -------- d-----w- c:\programdata\TamoSoft
2013-12-20 19:20 . 2013-12-20 19:35 -------- d-----w- c:\users\Ondrej\AppData\Local\http___www.julien-manici
2013-12-18 22:10 . 2013-12-18 22:10 -------- d-----w- c:\users\Ondrej\AppData\Local\Wondershare
2013-12-18 22:10 . 2013-12-18 22:10 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
2013-12-18 22:09 . 2013-12-18 22:26 -------- d-----w- c:\programdata\PDFEditor
2013-12-18 22:09 . 2013-12-18 22:11 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Wondershare
2013-12-18 14:23 . 2013-12-05 08:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-18 14:23 . 2013-12-05 08:42 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-14 09:27 . 2013-12-14 09:27 -------- d-----w- c:\programdata\FLEXnet
2013-12-14 09:25 . 2013-12-14 09:27 -------- d-----w- c:\users\Ondrej\AppData\Local\Autodesk
2013-12-14 09:07 . 2013-12-14 13:43 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2013-12-14 09:07 . 2013-12-14 13:43 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
2013-12-14 08:55 . 2013-12-14 13:43 -------- d-----w- c:\programdata\Autodesk
2013-12-14 08:55 . 2013-12-14 09:25 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Autodesk
2013-12-13 17:20 . 2013-12-13 17:20 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Quest3D
2013-12-12 21:33 . 2013-12-12 21:33 -------- d-----w- c:\users\Ondrej\AppData\Roaming\Caphyon
2013-12-12 21:31 . 2013-12-12 21:31 -------- d-----w- c:\programdata\regid.2003-04.com.caphyon
2013-12-12 21:31 . 2013-12-12 21:31 -------- d-----w- c:\program files (x86)\Caphyon
2013-12-12 21:30 . 2013-12-16 12:13 -------- d-----w- c:\programdata\Caphyon
2013-12-08 16:57 . 2013-12-08 16:57 -------- d-----w- c:\program files (x86)\MSECache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-30 17:17 . 2013-11-04 04:46 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-30 17:17 . 2013-11-04 04:46 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-10 02:13 . 2013-11-03 18:38 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-03 18:38 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-11-03 18:27 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-11-14 11:58 . 2013-12-03 04:52 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:58 . 2013-12-03 04:52 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-11-14 11:58 . 2013-11-03 17:22 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:58 . 2013-12-03 04:52 9619872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-11-14 11:58 . 2013-12-03 04:52 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-11-14 11:58 . 2013-11-03 18:27 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-11-14 11:58 . 2013-12-03 04:52 11514624 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-14 11:58 . 2013-12-03 04:52 30361888 ----a-w- c:\windows\system32\nvoglv64.dll
2013-11-14 11:58 . 2013-12-03 04:52 22951200 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-11-14 11:58 . 2013-12-03 04:52 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-11-14 11:58 . 2013-12-03 04:52 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-11-14 11:58 . 2013-12-03 04:52 12613408 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-11-14 11:58 . 2013-11-03 17:22 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-11-14 11:58 . 2013-11-03 17:22 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-11-14 11:58 . 2013-12-03 04:52 707360 ----a-w- c:\windows\system32\NvFBC64.dll
2013-11-14 11:58 . 2013-12-03 04:52 657184 ----a-w- c:\windows\system32\NvIFR64.dll
2013-11-14 11:58 . 2013-12-03 04:52 609568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-11-14 11:58 . 2013-12-03 04:52 562464 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-11-14 11:58 . 2013-12-03 04:52 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:58 . 2013-12-03 04:52 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-11-14 11:58 . 2013-12-03 04:52 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2013-11-14 11:58 . 2013-12-03 04:52 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-14 11:58 . 2013-12-03 04:52 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-14 11:58 . 2013-12-03 04:52 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-11-14 11:58 . 2013-12-03 04:52 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-11-14 11:58 . 2013-12-03 04:52 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-11-14 11:58 . 2013-12-03 04:52 9691888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-11-14 11:58 . 2013-12-03 04:52 11600432 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-14 11:58 . 2013-12-03 04:52 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-11-14 11:58 . 2013-12-03 04:52 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-14 11:58 . 2013-11-03 18:27 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-14 11:58 . 2013-11-03 17:22 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-11 15:02 . 2013-11-03 17:23 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2013-11-03 17:23 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2013-11-03 17:23 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2013-11-03 17:23 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-11-11 15:01 . 2013-11-03 17:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2013-11-03 17:23 598304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-11-11 15:01 . 2013-11-03 17:23 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-11-11 15:01 . 2013-11-03 17:23 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2013-11-03 17:23 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-11-11 15:01 . 2013-11-03 17:23 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-08 15:52 . 2013-11-03 19:41 409832 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-11-04 18:08 . 2013-11-04 18:08 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-04 18:08 . 2013-11-04 18:08 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-04 18:08 . 2013-11-04 18:08 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-04 18:08 . 2013-11-04 18:08 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-04 18:08 . 2013-11-04 18:08 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-04 18:08 . 2013-11-04 18:08 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-04 18:08 . 2013-11-04 18:08 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-04 18:08 . 2013-11-04 18:08 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-04 18:08 . 2013-11-04 18:08 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-11-04 18:08 . 2013-11-04 18:08 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-04 18:08 . 2013-11-04 18:08 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-04 18:08 . 2013-11-04 18:08 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-04 18:08 . 2013-11-04 18:08 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-04 18:08 . 2013-11-04 18:08 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-04 18:08 . 2013-11-04 18:08 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-04 18:08 . 2013-11-04 18:08 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-04 18:08 . 2013-11-04 18:08 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-04 18:08 . 2013-11-04 18:08 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-04 18:08 . 2013-11-04 18:08 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-04 18:08 . 2013-11-04 18:08 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-04 18:08 . 2013-11-04 18:08 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-04 18:08 . 2013-11-04 18:08 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-04 18:08 . 2013-11-04 18:08 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-11-04 18:08 . 2013-11-04 18:08 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-11-04 18:08 . 2013-11-04 18:08 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-04 18:08 . 2013-11-04 18:08 197120 ----a-w- c:\windows\system32\msrating.dll
2013-11-04 18:08 . 2013-11-04 18:08 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-04 18:08 . 2013-11-04 18:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-11-04 18:08 . 2013-11-04 18:08 216064 ----a-w- c:\windows\system32\msls31.dll
2013-11-04 18:08 . 2013-11-04 18:08 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-04 18:08 . 2013-11-04 18:08 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-04 18:08 . 2013-11-04 18:08 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-04 18:08 . 2013-11-04 18:08 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-04 18:08 . 2013-11-04 18:08 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-11-04 18:08 . 2013-11-04 18:08 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-04 18:08 . 2013-11-04 18:08 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-11-04 18:08 . 2013-11-04 18:08 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-04 18:08 . 2013-11-04 18:08 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-04 18:08 . 2013-11-04 18:08 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-04 18:08 . 2013-11-04 18:08 441856 ----a-w- c:\windows\system32\html.iec
2013-11-04 18:08 . 2013-11-04 18:08 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-11-04 18:08 . 2013-11-04 18:08 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-04 18:08 . 2013-11-04 18:08 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-04 18:08 . 2013-11-04 18:08 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-04 18:08 . 2013-11-04 18:08 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-11-04 18:08 . 2013-11-04 18:08 235008 ----a-w- c:\windows\system32\url.dll
2013-11-04 18:08 . 2013-11-04 18:08 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-11-04 18:08 . 2013-11-04 18:08 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-04 18:08 . 2013-11-04 18:08 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-04 18:08 . 2013-11-04 18:08 144896 ----a-w- c:\windows\system32\wextract.exe
2013-11-04 18:08 . 2013-11-04 18:08 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-04 18:08 . 2013-11-04 18:08 102912 ----a-w- c:\windows\system32\inseng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2012-03-01 415272]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-03 3567800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys;c:\windows\SYSNATIVE\DRIVERS\cv2k1.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;c:\windows\system32\DRIVERS\tscomm.sys;c:\windows\SYSNATIVE\DRIVERS\tscomm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S2 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe;c:\program files (x86)\Launch Manager\WisLMSvc.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 TS_ARN5416;[CommView] Atheros Extensible Wireless LAN device driver;c:\windows\system32\DRIVERS\ts_athrx.sys;c:\windows\SYSNATIVE\DRIVERS\ts_athrx.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-03 19:41 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-24 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-24 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-24 440600]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-10 12445288]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-12-21 368728]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-10-28 984224]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-10-28 800416]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-11-03 8069024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-11-03 6201248]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2011-12-01 1626112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\9f56kzqt.default\
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
c:\program files (x86)\PANDORA.TV\PanService\KMPProcess.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-01-07 11:33:17 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-07 10:33
ComboFix2.txt 2014-01-07 09:26
.
Pre-Run: Volných bajtů: 325 430 444 032
Post-Run: Volných bajtů: 325 136 556 032
.
- - End Of File - - F601169E5B9A27C1CDBBCFE981C63E30

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: dwm.exe - virus

#10 Post by vyosek »

→ Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator
  • Paste the script below into the lower Custom Scans/Fixes box
  • Code:

    :services
    PanService
    
    :files
    c:\program files (x86)\PANDORA.TV
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Run Fix
  • The PC performs the fix, restarts and gives you a log; paste its contents here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

force
Guest
Posts: 16
Registered: 06 Jan 2014 23:38

Re: dwm.exe - virus

#11 Post by force »

OldTimer log after the restart

All processes killed
========== SERVICES/DRIVERS ==========
Service PanService stopped successfully!
Service PanService deleted successfully!
========== FILES ==========
c:\program files (x86)\PANDORA.TV\PanService folder moved successfully.
c:\program files (x86)\PANDORA.TV folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP folder moved successfully.
C:\Windows\msdownld.tmp folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Ondrej
->Temp folder emptied: 12699088 bytes
->Temporary Internet Files folder emptied: 11465019 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16746690 bytes
->Flash cache emptied: 22445 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 857 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43258428 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 80,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Ondrej
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Ondrej
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01072014_215410

Files\Folders moved on Reboot...
C:\Users\Ondrej\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: dwm.exe - virus

#12 Post by vyosek »

Fine, how is the PC behaving?

force
Guest
Posts: 16
Registered: 06 Jan 2014 23:38

Re: dwm.exe - virus

#13 Post by force »

It runs as it should... in fact, the dwm problems have not reappeared since the ComboFix cleanup. Thank you very much for your time and your willingness to help.
P.S.
Can I now remove the programs I downloaded?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: dwm.exe - virus

#14 Post by vyosek »

So let's clean up.

→ Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
→ T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • Press A, Enter to confirm each choice
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false positive - so go ahead and download it (or turn the antivirus off while downloading)
→ OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm YES
  • The program cleans up and restarts the PC

→ TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
→ Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • Click Scan for Issues
  • Then Fix selected issues - I recommend making a registry backup; fix all issues
  • Repeat until there are no issues - usually about 3 times
Tools panel
  • Here you can uninstall unneeded programs
I recommend running CCleaner about once a week

→ And if there are no problems or questions, that is all from my side.

force
Guest
Posts: 16
Registered: 06 Jan 2014 23:38

Re: dwm.exe - virus

#15 Post by force »

I did everything according to your instructions and everything is fine. Thank you very much for the help.

Locked