Kontrola pc - internet vkuse pada

Zpráva

dex73r · #16 Příspěvek od **dex73r** » 06 led 2013 16:59

Wifi, ale vypada to lepsie a zda sa mi ze aj pc ide sviznejsie! Vdaka

#17 Příspěvek od **vyosek** » 06 led 2013 17:53

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

dex73r · #18 Příspěvek od **dex73r** » 06 led 2013 18:19

Dakujem vam velmi pekne, zahrnam u toho i vdaku za rychlu reakciu!

Majte sa tu pekne

#19 Příspěvek od **vyosek** » 06 led 2013 22:22

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

#20 Příspěvek od **vyosek** » 15 led 2013 19:01

Na zadost uzivatele odemknuto

dex73r · #21 Příspěvek od **dex73r** » 15 led 2013 20:30

Ahojda, chvilku som nehal kamarata na pc a uz som zbadal v procesoch nejake nepekne veci.. nasiel som tam 1 urcity program ktory sa vkuse zapina kvoly
nejakemu .VBS skriptu - ten som smazal, pretoze som pozeral v ccleanerovy programy ktore sa spustaju po starte.. ten vbs skript obsahoval nejake zahadne
znaky .. dufam ze som to mal vymazat, lebo ak som spravil chybu tak neviem ako to ziskam spet.. no, a zistil som to tak - jednoduchou nahodou isiel som zapinat
left 4 dead 2 (ktore mam samozrejme kupene !) a vyskocilo na mna, ze neni zapnuty windows defender, ta vlajocka v panele uloh bola preciarknuta a pisalo to ze
sa win defender neda zapnut - nahly reset, skumal som cim to je, pretoze bez resetu mi isiel brutalne pomaly pc.. resetol som a naskocil mi aj internet, dufam ze to pre popis co sa stalo staci..

PS: uz len pohlad na X poslednych riadkov v RSIT mi nerobi dobre, nejake nezname drivery premna.. no, dufam ze som na tom az tak zle neni.
tu je RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Spravca at 2013-01-15 20:24:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 246 GB (52%) free of 477 GB
Total RAM: 8189 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:24:45, on 15. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Spravca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe] C:\ProgramData\Adobe\F9A336.vbe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-144053010-3787646527-420655005-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-144053010-3787646527-420655005-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11673 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {331453E2-FC70-4623-A8AE-7D8EBE61F18E}
C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry -p 0
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3244.1.209570800\560410419" --supports-dual-gpus=false --skip-gpu-full-info-collection --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1090 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3244.2.1802402202\1110903061" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3244.3.558491066\1394692654" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3244.4.1336839832\1081897061" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/rf-np-plugin.dll" --lang=sk --channel="3244.5.1487977355\902874594" /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3244.10.1314776447\1977609969" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" -sf
"C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe"
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" "-launchedbycsxs"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="3244.28.802152047\1361844723" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="3244.29.1076127045\1352454889" /prefetch:3
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="3244.38.1764274815\1684305433" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/2/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_78/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="3244.39.1858045132\1507792290" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Spravca\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 50C7F08F-0F46-7126-C823-21C41EB968E0 -Reinvoke

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2012-12-27 24518144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-15 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-12-13 6304016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-15 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2012-12-27 18425000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-11-14 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-12-13 4527888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-11-14 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2012-12-27 24518144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2012-12-27 18425000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2012-08-25 765200]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2012-12-17 9152968]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-11-15 968592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-08 3093624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-24 336992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2012-12-27 96056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-11-15 968592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-14 2255360]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe"=C:\ProgramData\Adobe\F9A336.vbe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-01-15 20:24:42 ----D---- C:\rsit
2013-01-15 17:32:41 ----D---- C:\skyrim
2013-01-11 07:07:48 ----D---- C:\ProgramData\Orbit
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-01-10 20:25:44 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvopencl.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvoglv64.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvinitx.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvcuvid.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvcuda.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\nvcompiler.dll
2013-01-10 20:25:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-01-10 20:14:26 ----D---- C:\NVIDIA
2013-01-09 17:11:09 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-09 17:11:09 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 17:11:00 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 17:11:00 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 17:11:00 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 17:11:00 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 17:10:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 17:10:58 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 17:10:57 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-09 17:10:57 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 17:10:54 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-09 17:10:54 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-09 17:10:54 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 17:10:54 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 17:10:35 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 17:10:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-09 17:10:33 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 17:10:32 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 17:10:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-09 17:10:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-09 17:10:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\wow64win.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\wow64.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-09 17:10:32 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 17:10:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 17:10:31 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-09 17:10:31 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-09 17:10:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-09 17:10:24 ----A---- C:\Windows\system32\taskhost.exe
2013-01-09 17:10:23 ----A---- C:\Windows\system32\win32k.sys
2013-01-08 15:34:09 ----D---- C:\Valve hammer editor
2013-01-06 11:11:47 ----A---- C:\AdwCleaner[S1].txt
2013-01-05 20:05:48 ----D---- C:\Program Files (x86)\Adobe Story
2013-01-05 12:19:02 ----A---- C:\AdwCleaner[R1].txt
2013-01-04 14:06:10 ----D---- C:\Users\Spravca\AppData\Roaming\Sony Creative Software Inc
2013-01-02 22:26:50 ----D---- C:\Program Files\Games
2012-12-31 21:51:10 ----D---- C:\Users\Spravca\AppData\Roaming\Garena
2012-12-31 21:51:10 ----D---- C:\ProgramData\Garena
2012-12-29 02:54:24 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2012-12-28 19:20:22 ----D---- C:\Users\Spravca\AppData\Roaming\PSpad
2012-12-28 19:20:17 ----D---- C:\Program Files (x86)\PSPad editor
2012-12-28 17:36:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-12-27 09:17:39 ----D---- C:\ProgramData\RoboForm
2012-12-27 09:17:19 ----D---- C:\Program Files (x86)\Siber Systems
2012-12-27 09:16:54 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-12-27 09:16:52 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-12-27 09:16:51 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-12-27 09:16:50 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-12-27 09:16:49 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-12-27 09:16:48 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-12-27 09:16:48 ----A---- C:\Windows\system32\aswBoot.exe
2012-12-27 09:16:38 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-12-27 09:16:30 ----D---- C:\ProgramData\AVAST Software
2012-12-27 09:16:30 ----D---- C:\Program Files\AVAST Software
2012-12-24 17:18:17 ----D---- C:\ProgramData\NexonSG
2012-12-24 17:18:17 ----D---- C:\ProgramData\Nexon
2012-12-22 21:31:39 ----D---- C:\Users\Spravca\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-12-22 16:58:28 ----A---- C:\Windows\patchw32.dll
2012-12-22 16:58:28 ----A---- C:\Windows\patchw.dll
2012-12-22 16:57:00 ----D---- C:\Program Files (x86)\Outspark
2012-12-22 10:45:58 ----D---- C:\Users\Spravca\AppData\Roaming\.minecraft
2012-12-22 08:27:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-22 08:27:12 ----A---- C:\Windows\system32\atmlib.dll
2012-12-22 08:27:10 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-22 08:27:10 ----A---- C:\Windows\system32\atmfd.dll
2012-12-18 13:10:01 ----D---- C:\Program Files (x86)\Secunia
2012-12-17 23:50:44 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 months======

2013-01-15 20:24:45 ----D---- C:\Windows\Prefetch
2013-01-15 20:24:44 ----D---- C:\Windows\Temp
2013-01-15 20:24:37 ----D---- C:\Users\Spravca\AppData\Roaming\Skype
2013-01-15 19:35:21 ----D---- C:\Users\Spravca\AppData\Roaming\uTorrent
2013-01-15 18:54:14 ----D---- C:\Windows\System32
2013-01-15 18:54:14 ----D---- C:\Windows\inf
2013-01-15 18:54:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-15 18:51:58 ----D---- C:\GAMES
2013-01-15 18:22:24 ----D---- C:\Users\Spravca\AppData\Roaming\GarenaPlus
2013-01-15 18:22:24 ----D---- C:\ProgramData\GarenaMessenger
2013-01-15 18:05:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-01-15 18:04:22 ----D---- C:\Program Files (x86)\SpeedFan
2013-01-15 18:02:18 ----D---- C:\Windows\system32\Tasks
2013-01-15 18:01:59 ----D---- C:\ProgramData\NVIDIA
2013-01-15 18:01:15 ----D---- C:\Windows\system32\config
2013-01-15 17:57:22 ----HD---- C:\ProgramData\Adobe
2013-01-15 17:54:28 ----D---- C:\temp
2013-01-15 17:49:25 ----D---- C:\Windows\SysWOW64
2013-01-15 17:49:24 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-01-15 16:31:31 ----D---- C:\Program Files (x86)\Steam
2013-01-15 08:07:21 ----SHD---- C:\System Volume Information
2013-01-14 14:34:54 ----D---- C:\Windows\system32\catroot2
2013-01-11 22:52:15 ----D---- C:\Windows
2013-01-11 22:52:15 ----A---- C:\Windows\Sandboxie.ini
2013-01-11 07:07:48 ----D---- C:\ProgramData
2013-01-11 06:51:36 ----D---- C:\GFX
2013-01-10 23:14:31 ----D---- C:\Windows\rescache
2013-01-10 20:28:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-01-10 20:27:59 ----D---- C:\Windows\system32\DriverStore
2013-01-10 20:27:59 ----D---- C:\Windows\system32\catroot
2013-01-10 20:26:27 ----D---- C:\Windows\system32\drivers
2013-01-10 06:48:29 ----RSD---- C:\Windows\assembly
2013-01-10 06:48:29 ----D---- C:\Windows\Microsoft.NET
2013-01-10 06:32:06 ----D---- C:\Windows\winsxs
2013-01-09 22:59:14 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-09 22:59:14 ----D---- C:\Windows\system32\sk-SK
2013-01-09 22:59:14 ----D---- C:\Windows\AppPatch
2013-01-09 22:53:51 ----SHD---- C:\Windows\Installer
2013-01-09 22:53:43 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-09 22:49:02 ----D---- C:\Windows\debug
2013-01-09 22:49:00 ----A---- C:\Windows\system32\MRT.exe
2013-01-08 18:25:53 ----D---- C:\Users\Spravca\AppData\Roaming\TS3Client
2013-01-05 20:56:27 ----D---- C:\Users\Spravca\AppData\Roaming\Adobe
2013-01-05 20:56:13 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-01-05 20:08:35 ----D---- C:\Program Files\Adobe
2013-01-05 20:07:34 ----D---- C:\Program Files (x86)\Adobe
2013-01-05 20:06:00 ----D---- C:\Program Files\Common Files\Adobe
2013-01-05 20:05:48 ----RD---- C:\Program Files (x86)
2013-01-05 20:04:02 ----D---- C:\Program Files (x86)\Common Files
2013-01-05 15:40:17 ----D---- C:\Users\Spravca\AppData\Roaming\Winamp
2013-01-04 21:48:05 ----D---- C:\Windows\Logs
2013-01-04 12:50:38 ----D---- C:\Users\Spravca\AppData\Roaming\Sony
2013-01-02 22:26:50 ----RD---- C:\Program Files
2012-12-30 21:28:33 ----D---- C:\Program Files (x86)\Garena Plus
2012-12-29 11:34:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2012-12-29 11:34:47 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvumdshimx.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvdispgenco64.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvdispco64.dll
2012-12-29 11:34:47 ----A---- C:\Windows\system32\nvapi64.dll
2012-12-29 09:40:27 ----A---- C:\Windows\system32\nvsvc64.dll
2012-12-29 09:40:27 ----A---- C:\Windows\system32\nvcpl.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvvsvc.exe
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvsvcr.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvshext.dll
2012-12-29 09:40:09 ----A---- C:\Windows\system32\nvmctray.dll
2012-12-28 17:32:37 ----D---- C:\Users\Spravca\AppData\Roaming\Hamachi
2012-12-27 09:19:18 ----D---- C:\ProgramData\MFAData
2012-12-25 09:28:54 ----D---- C:\Users\Spravca\AppData\Roaming\.techniclauncher
2012-12-25 09:28:42 ----D---- C:\Users\Spravca\AppData\Roaming\logs
2012-12-23 21:47:01 ----A---- C:\Windows\win.ini
2012-12-22 16:56:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-22 16:30:24 ----D---- C:\ProgramData\PMB Files
2012-12-20 19:36:08 ----D---- C:\Users\Spravca\AppData\Roaming\vlc
2012-12-20 12:36:12 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-24 126944]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2008-02-01 32240]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 AR9271;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuwx.sys [2011-07-28 2224160]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-07-29 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-07-29 79104]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2012-08-25 202632]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 X6va003;X6va003; \??\C:\Users\Spravca\AppData\Local\Temp\0034C84.tmp []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-29 884152]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2012-08-25 123664]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 116648]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-22 76888]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 116648]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-01-12 541608]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

EDIT:
Nasiel som kopiu toho skriptu, spravil som si to predtym nez som to mazal..

meno:F9A336.vbs
toto obsahuje ten skript:

#@~^wR0AAA==2MWaH{!DV,',E\l!+Y4R^4bm3U3bVV. mK:r@#@&w.GXXmhK.3D~x,J\XTZ)-*ZTr@#@&sk +D|EMsP{PE\l!TO4Rm4rm0+x0rsVDcmG:E@#@&@#@&4KGVA6rOwVlL~{Pol^d@#@&Kwxm^P{~Um.kaY /M+lDnr(L+1OcPrUm.k2Oc?4+^sJ,# 3XwlU[Ax-kMG :n YUYDbxTd`r] qgf(]uJ#,'Pr-/HdO+s&y-6wnU;S N^sJ@#@&rW,0ksnA6r/DcKwn m^#PDtU@#@&d^l^V~jD+w8@#@&ifW@#@&7dEP;tnmV~DW~/nPb0~(,mlU~T+OPm~akUTPM+/aW d+,0.WsPOCMo+D@#@&idq6~Kk ovJLWGL^+ mKhJ*PP4x@#@&7idvP;C^V~DtPmKN~YKP.E PGU,mW U+1Y@#@&77d;l^V~HCr P~P,~P,P~~,PP~@#@&d7d(GKV3XkDsVmo,xP:D;+@#@&77AxN,(0@#@&di jmMkaY /snw~FZT!,B~KmE/n~6W.P8~k+^Kx9/P(+6GDPU+XY~CDY+s2Y@#@&ddGGw,h4ks+~8KWs2XrYwVCL,@!@*~PMEn@#@&n N~b0@#@&@#@&/!8Ptlrx@#@&7OswP{~UmDb2OR;DlO+68N+^Yv~Jq?^.bwY j4+sVr~*R3XwmxNAx7rDKxh+ YjOMkxTd`r]KA\K]r#@#@&7mh[,'~PDhw,[~E'/\^4K/ORaJ@#@&dalDm:k~',J~OKP4ODw)J&J,[Pa.G6H{!DsP'E,O6Pr~[,w.GXX{AGM3nD,'rPR^P8J@#@&d!.V,'~J4YO2=zzr~[,:k n.{!D^@#@&dFr^VKDK^m/d~1:N@#@&iNGh sKl[,EMVPLPr&/7m4WkY nX+JB~YswPL~Ezk\1tG/O 6nJ@#@&d9WAU^Wl[~!DsPL~rzsb41ED^OW N^VE~,Yh2,[Pr&Vb4m!.sOWR9VsJ@#@&iNGh sWmN~;MVP'~rzsk(nmXfyR9VVr~,O:aP'Przsr(+lHf cNV^E@#@&iNKhUVGC9P;D^~[,J&sb4k[U FqR9s^JS,YswPLPr&Vb4rN OqqcNV^E@#@&dNKAUVKl9P;Ds~LPEz^r4!/8R8R! [^VE~,Osw~LPrzVb4!d4 F !cNssr@#@&i[WSxVKC[P!D^P'PE&9kC4^GFyFTq+RmsEBPO:a~LPEJNbl4^W8+FZFR1VE@#@&dNKAx^Wl9~;D^PLPEz24mYVFyq!8v ^^J~~Osw~[,EJw4mY0F 8!8R1VE@#@&d[GSxVKCN,ED^~'PrzaW^V8h8 q!8R1VES,Y:2~LPEzaG1V8sFyF!8vc^Vr@#@&d9WAU^Wl9~EMVPL~EzaY4Dnl[!; N^sJBPOhaP[~EJwOtMnmN!; cNV^J@#@&d9WAx^WC[,ED^~[,Jzkds+mX2 Nssr~~Ys2PLPE&k/VnCH&+R9s^J@#@&d9Wh VKCN,E.V,[~EJyVb8FcNV^ESPD:aP'PE&.Vr48 N^VE@#@&d/4n^V~m4.v&**PLPmsN,~[,m4Dv&*b,[PaCDm:/@#@&nx9PkE8@#@&@#@&s;x1OkKx~KbxocdDDuWkO*@#@&@#@&,PP,?OPK4%nbxL~{PMOr(L+1OcJSk :L:Od= r:anDkWUCDkWUJ\nV{rswnM/KxlD+)E#c2a+1p;nMX`rd+^+mD~MP6DK:~rU2 mnbUoUYCO!/PA4DnPm[9Dnk/,'PEJ,'PkY.CK/O~LPJEE#@#@&@#@&~~P,y,'~!@#@&,P~PGGP,P~@#@&PP~~,P~P.~{P",_,F@#@&P,~P,P~PwW.~Alm4~W(LIOjYmY!/~qU~K4%nbUo,P~~,PP~@#@&P~P,~,P~,P,Pq6P&d1!Vs`K4%]Y?DCY!/RUOCY!/;W[+b~}D~W(%IYjOmYEd UYCY!d;W[P@!@*PZP:4+ P~P,P~~,PP,~@#@&PP,~~P,P,P~P~~,PKk L?DlO;kP'~omVd+,~,P~,P,@#@&,P,~P,P~P,P~3^/+@#@&P,PP,~~P,P,P~P~~hkUoUOlDEd~{PK.;P~P,~,P~,P,PP,@#@&~P,P~P,P~~,P2 [P&0P,~~P,@#@&P~P~~,P~1aY,P~~@#@&@#@&~,P~P,~,B~:DHPl,0APDkh+kPrU,mlknPslm4rU+,NK+dxvO,Dn/aGx9P.rTtY~CSlz@#@&~,P~,P,PhkmMrwDRdV+2~y!!@#@&P,PP,~~P&0,y~'~*,K4+ ~2XkO~GW@#@&@#@&P~P,JKW2,E Yk^PhrxT?OlDEd~{PKM;+@#@&@#@&~~P,q6PKkULUYCY!dP{PP.!+PP4x~@#@&~,P~,P,PnbxT~',K.E@#@&~,PPAs/@#@&,~~P,P,PKkUL,'~sms/@#@&~,PP3U9P(0@#@&@#@&3 N,sE mDrW @#@&@#@&0;U1YkKUP9Wh sGl9`ksrVni"SSPkJW1lOrKx#@#@&,@#@&dE^M+CD+,6:^tDOw,W8LmO@#@&d?OPK4Lo\JC:KhPxP/.lO+}8LmOcrH?p\d (tJ_KPhJ*@#@&,@#@&7BT+OPDtn~M+:KO+,0k^n@#@&iW(LpHJu:KKRK2+ PE!AKJS~ksrVi"SS,0mV/@#@&~@#@&dv/x[~Dt+,.+$E+kO@#@&iW(LpHJu:KKRknx9`b@#@&P@#@&7EhCkD~!xObV,YtP9CYmP4lkP[GSxVKCNNPk;^m/k0;Vsz@#@&7NK~E Yrs,W4%ptSuK:Kc?OmY!/P{PyT!,)~PS/^.bwYcdV+wvqT!Z#,)~PsGKw@#@&,@#@&iBrW,Ytn~9lOl,4m/~9WSxVKl9nN,/;m/dW!VVH@#@&iq0,G8LoHdCPKK UYCY!dP{P+TZPK4n @#@&P@#@&,P~,diBmM+mO+,4rxmDz~kYDC:,W4Nn^Y@#@&idj+O~K4%bG6?DDnCsP'~/M+CY6(Ln1YvJbGrG$RUY.+m:Eb@#@&diG4Nbf}jODlsR6wnU@#@&~@#@&7P,P~~,PPvC9Kzw$bxCMX@#@&diW(%bGrjYM+ChcKXanP{PF@#@&7dK4Nb9rjOM+C:c DbYn~K4Lp\dCPKh "+daW /+~W9z@#@&P@#@&iP~~,PP,~BU+Y,O4+,/DDnlh~aWdkDrW POG,Ytn~kYCDD@#@&d7K4Nbf}?D.+m: nK/rObWx,xPZPP,~@#@&,@#@&d~P~~,P~PE^DlOn,0ksn,/z/DnsPG(LmY,YK~l^VGh,Y4n,/mMrwDPYK~^tm0PWW.~mx~+Xr/DkUL,0ksn@#@&7P,~,P~,PU+Y,W(%sUr~',Z.nmY+K8LmYvEjmMkaYrxL wks+Uz/D+h6(L+^Or#@#@&,@#@&d~,P,PP,PE^tmVPb0~O4+P6rVP+XrdYk~,kWPrO,+akkO/,Y4n PNnsYnPbO@#@&7iq6PW(LwjrcsrV+arkY/vdSKmlDrGx*P:tnx~G(Lo?} fVnOsksn,/JW1CDkG ~,YD!+@#@&P@#@&7P,P~~,PPE[+kYDKz~0bVPdXdO:~W(%+1Y@#@&id?nO,W8Lwj}Px,1KYtbxT@#@&,@#@&d,P~~,PP,v/m\+,O4+,l9W~/O.lhPDGPmPWr^+@#@&7iW8Lz9}?OM+m:RUl7nKKsrVPdJKmlDrW @#@&,@#@&d,P,P~P~~EmsWknPDtn~mNW~dDDnls@#@&d7K4Nbf}?D.+m: Z^Wdn@#@&P@#@&diBNdODKX,Y4+~C9W~/D.+m:~G(L+^O@#@&7dUnDPG(LzfrUYMnlsPxPgWO4bxo@#@&P@#@&divnx9PK4%+^O,NGh sWmNn[,/E^^/d0!s^X@#@&diNWSx^Gl9PxP:D;n@#@&dAs/@#@&i7[WSx^WCN~x,sCVkn@#@&d3U9PkW@#@&P@#@&iv9+dDDKXPX:^~tDY2PK4%n1Y@#@&7?YPK8%(tS_KPn~x,1GY4rxT@#@&~@#@&2U[,0;x1ObWU@#@&@#@&0!x1OkKx~0bVn3Xk/Dc0bV+ Ch+*@#@&dj+O~K4%sU6P{P/.lYnG(LnmDcr?^MkaYk ocok^+jXkYnh}4L^Yr#@#@&7Wk^+A6r/O~{PG4No?}Ror^+2arkYd`6r^+Um:#@#@&2 [P6EUmDkGU@#@&@#@&WE mYbGUP6W^NnD3ab/O`6GV9+.b@#@&djnDPG4NoUr~{P;D+mY64N+^YvJj^MkwDrxTRsbsn?H/D+hr8%mOJ*@#@&i0Gs9+D3ab/OP{~K4%w?}RsKV9nDA6r/D/cWKVN.#@#@&+ [~0!x1YrWU@#@&@#@&/!8P1DnCD+sGs9+.`6G^NnM#,@#@&i?OPK4%sUr~x,ZDCYr4Nn^YvJUm.k2ObxLRwrV?zdD+:68N+^Yrb@#@&7b0,0W^N.2XkdYv0Gs9+D*~',0l^dnPDtx~@#@&7K4%sU6R;DnCD+sGs9+.P6G^NnM@#@&d+ N,r0@#@&nx9Pd;(@#@&@#@&/!4Pk4nV^`1:[#@#@&,P~PE~I!x~C,mWhhmx[Pmd,kW,XKEPS+MnPMEUxbxL~6DWs~Y4+P1Gh:mx9PskUn@#@&~P,~Nb:~G(L?4n^V@#@&,~,PjY,W4N?4nV^PxPq?^.bwYc/DlY68LmD`~J j1DrwD ?4+ssrP#@#@&,P~PK8N?4V^RI!x,^:9~~!BPWC^/+@#@&P,PPUnOPK4N?4+ss,'~1KOtbxL@#@&+x[~kE8@#@&@#@&/;(P1WwH`6.Ws{2lDtS~DW{aCY4#@#@&7[ksP6ks+dzk@#@&dknY,0rs/Xdx;DnlDn}4%mD`JUmMrwDkUocsrs?XkO+sr4Nn^Yr#@#@&7qW~6ks+kz/csrs26rdD/c0MGs{2mY4#P:tU@#@&d~P,0rs/Xk ZKwXwrs+,0MWh{2CDtSPDG{alO4@#@&d3U9P(0@#@&x[,/!4@#@&@#@&dE(P4k9+oG^N+Mc0KVN.b@#@&dU+OPG8Nsjr,xP;DnCD+r8%mO`rj1DraYbxocsbs+UXdY:68N+mDE#@#@&dUnOPK4NsGV[nMPxPK8Lw?6 V+YoG^NnDvWKV[D*@#@&iq6~W(LoW^Nn.cbYD.k(EYd~',W(LoWs[D bDODb4;O/P)HGP+P:4x@#@&diW4NsKsND bDY.r(EYdP{PW(%oW^ND bOOMk8EDn/,(6], P@#@&i2UN,(6@#@&x9P/!4@#@&@#@&si1;K(6gPkkKDKm+kd]E xbxL`$ejbJPkOD;Wh2!Y+.S~5#bd~kY.hDKm+k/gC:#@#@&@#@&79&HPK8LqHqUn.\bm~~/O.qH(p!nDH@#@&@#@&d/O.qH(p!nMX~{Pr?+^+1OPCPWDK:~ bx&ymnMWmddPStDnP3am;Ym8VnCO4PVrVPvJ,',/OMnMWm/kHls+~[,JvE@#@&d@#@&dU2K,G8LqH&?nD-r1+~',!2:r$BAZKcESkU:ThD/lrP|@#@&idL~JPkhwDdG lYbGxd+\sxkswDdWUCD+N"'wJ,{~@#@&dd7',/OD;Gsw;D+MP[,J'.WKYwmb:-+r#P@#@&@#@&@#@&i(oPK4N\qjnM\rm 2X+^}!+DzckY.t(5EnMX*RZKE OP@*PTP:C3H@#@&dir/hDW1nd/"E xrxL~{PPI`3@#@&d3JU2@#@&7ikdnMG1+dkI!xxbxT~',s)SU2@#@&i21G~qw@#@&@#@&31GPwjHZP(}1@#@&@#@&?!4~FbVVK.Km^+kdvPhHnMWm/k~#@#@&vb!Y4GM/),9+ k/,jOOhkD.+~C N~IK8P7lU~9+D~ KE[+@#@&En;MwK/+=PnrV^/~l,w.G1+/k~l NPSCrYkP!xOks~bY~kk~YMEsz,N+C[@#@&@#@&,~,P9b:,4V I!UxbxL~,mGshDW1n/k+/B~G4NnMW^+dd@#@&~P,~4^x]; xkUL,'~smsk+@#@&@#@&PP,PUnY,mGVhDG^//dP{PMO64N+1YcPEAbxhosO/= rha+DdG lOkKUd+-V{k:a+MdW lO+)J~bc26^p!+DHc~JU+^+^Y~M,s.Ws~bxf+|nDG^/dJB~BP*RP*@#@&,P,~sKD~2mm4~K4Lh.W1+/k~rx,mKVKDG^/d+k@#@&,P~~,PP~(6PJZmd`~sXhDW1+kdP*PxPdZCd`PK8LhDW1nd/c2X+^EOC(VnnmOt*PP4x@#@&~,P~P,~,P~,PEPZKx6rDsPOtmY~O4+Pa.W1+/k~AlkPmmOECs^X~D!UxbxL@#@&PP~~,P~P,~,P8^x"Ex k LP{PPD!+@#@&,PP,~P,PP,~~B,MY~+aC1Y~mmd+,0G.,Ytn~mmOEms,w.Km//,xmh+@#@&~P,P~~,PP,~PsXnMG^+k/,PxPG8Nn.W1n/kR3amEOC(VnnmO4@#@&,P,PP,P,~P,PvPnkss,lV^~k /YmU^+kPK0~Y4n,w.W1n/k@#@&~,PP~~,P~P,~K4%hDKm+k/cP+M:rxmYnc*@#@&,~P,PP,~3x9P&0@#@&~~,PH+XO@#@&2U[,?E8@#@&@#@&?!8,Nrkl(V+wkMnhmVs`*@#@&7kt+^sPrD+T n6PmN[PE'1t.`2*#LJuFdH-jG6YAlMn'Hr1DK/W6Y' k NGhk-/;MD+ O.D/bGU-hW^k^knd'2aw^GDDE'1tDcfW#'J,&7PubN?ZzCCVDt~zDP]3V{fq6IGPz9~T68PJ0E@#@&7ktnV^~J +O~kYW2~S/^/7^r@#@&i/4+V^PrU+DPdYKw~ bxfW+ NJ@#@&7/4+^V~Jd^,mGx6ro,rUG+0nU9'~Nbdm4sNr@#@&i/4nV^PE/1P^G 0kT~hkm/7^~/DlMYxP[rkl8V[J@#@&7d4+Vs~rxnY,dDW2,Ha/?7mr@#@&i/4+^V~EkmP1Gx6ko,\2/U\1PdYC.D'~Nbdl(Vn[r@#@&7d4+sV,E +O,/DWw,?4CDN)m1+ddr@#@&idtVV,Edm,mKxWkL~UtCD[b1mndkP/OCMYxP9rkl8^+9J@#@&2 [PUE8@#@&@#@&d!4PUO+aF@#@&7[kkl(Vnsr.hCV^@#@&i4Cd{0Gs9+.P{~rZl'nMWoMls9lDlE@#@&d^.lYoW^N+Mc8lk+|0GV[nM#@#@&i4k9+oG^N+.c(ld+|WKV[D*@#@&i4md+|0GV9+.~{P4md+|0W^[nD,[,Jwb[G(+E@#@&7mM+COsWs[Dc4md{WKV9+D*@#@&7tbNnsKV[nM`4md+|0W^[nD*@#@&dO:2mDtr/,xP(ldn|0Ws[D~[,E'J~LPq?mMkaORUm.kaYHCs+@#@&7mKwX, jmMkaY ?^.bwOs!sVglhnBPYh2|Y4kk@#@&dd4+^VPrDLR6nPmN[~r[m4.`2c#LEu|A5|S6Z)J|H)Z_(1A-j6wK)]A-\k1.K/G6Y'k NKA/'Z;DM+UOj+DkrW -I!UE[1tM`fcb'rP&\,)NK4n~JYP]3V{j},&9PE,[,mtM`2*#,[~YswmO4k/,'P1tDvf*#,[,J~zWE@#@&nx9~?!40ZYIAA==^#~@

#22 Příspěvek od **vyosek** » 16 led 2013 10:16

Zdravim

Ktere ty drivery se Vam nezdaji

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

dex73r · #23 Příspěvek od **dex73r** » 16 led 2013 14:04

Zdravim, nezdaju sa mi:

S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 X6va003;X6va003; \??\C:\Users\Spravca\AppData\Local\Temp\0034C84.tmp []

Eagle - nieco take som raz tiez mal, musel som to smazat a aj X6, akurat ten predtym bol X5 , aspon nejak tak sa volal..

- mimochodom, https://www.virustotal.com/file/9b19b99 ... 358279317/ tu je ten subor
- mozem preinstalovat antivirus na ESET? avast ma sklamal, nezachytil toto VBS a eset aj ine antiviry ano.

MBAM:

Malwarebytes Anti-Malware (Skúšobná verzia) 1.70.0.1100
www.malwarebytes.org

Verzia databázy: v2013.01.16.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Spravca :: SPRAVCA-PC [administrátor]

Ochrana: Zapnuté

16. 1. 2013 13:41:20
MBAM-log-2013-01-16 (14-58-19).txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 498401
Uplynutý čas: 1 hod, 16 min, 3 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 4
C:\GAMES\CelestialPatcher\celestial.bin (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\AMTLib.dll (PUP.RiskwareTool.CK) -> Žiadna úloha nevykonaná.
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Žiadna úloha nevykonaná.
C:\Sandbox\Spravca\DefaultBox\user\current\AppData\Local\Temp\{75EAB688-353C-41AD-A346-7D1EAE09947E}\Addons\browser_coupon_setup.exe (PUP.FakePlug) -> Žiadna úloha nevykonaná.

(koniec)

#24 Příspěvek od **vyosek** » 16 led 2013 15:00

Nalezy MBAMu smazte

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

dex73r · #25 Příspěvek od **dex73r** » 16 led 2013 16:16

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/16/2013 04:14:34 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Spravca\Desktop\rkill\rkill-01-16-2013-04-14-38.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Brána Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Disabled

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

* Ovládač overenia brány Windows Firewall (mpsdrv) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll [NoSig]
+-> C:\Windows\SysWOW64\uxtheme.dll : 245 760 : 07/14/2009 00:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332 288 : 07/14/2009 00:41 AM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245 760 : 07/14/2009 00:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

Checking HOSTS File:

* No issues found.

Program finished at: 01/16/2013 04:15:24 PM
Execution time: 0 hours(s), 0 minute(s), and 49 seconds(s)

zachvilku dam aj combofix, inak , potrebujem zapnut branu firewall, security center.. ako? :S

//combofix nejde zapnut

#26 Příspěvek od **vyosek** » 16 led 2013 18:21

Jaky je problem s CF, proc nejde zapnout??

dex73r · #27 Příspěvek od **dex73r** » 16 led 2013 18:27

Co to sakra je, predchvilkou mi to neslo a teraz som to znovu stiahol a ide to

Magia toto.. hned je tu CF, 5minut mi prosim dajte

#28 Příspěvek od **vyosek** » 16 led 2013 18:29

dex73r · #29 Příspěvek od **dex73r** » 16 led 2013 19:01

ComboFix 13-01-16.01 - Spravca . 01. 2013 18:40:31.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.8189.6132 [GMT 1:00]
Running from: c:\users\Spravca\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((( Files Created from 2012-12-16 to 2013-01-16 )))))))))))))))))))))))))))))))
.
.
2013-01-16 17:34 . 2013-01-16 17:34 -------- d-----w- c:\users\Dex
2013-01-16 16:33 . 2013-01-16 16:33 -------- d-----w- c:\users\Spravca\AppData\Local\ESET
2013-01-16 16:30 . 2013-01-16 16:30 -------- d-----w- c:\program files\ESET
2013-01-16 12:40 . 2013-01-16 12:40 -------- d-----w- c:\users\Spravca\AppData\Roaming\Malwarebytes
2013-01-16 12:40 . 2013-01-16 12:40 -------- d-----w- c:\programdata\Malwarebytes
2013-01-16 12:40 . 2013-01-16 12:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-16 12:40 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-16 05:32 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D4295E8E-208C-48BF-BC69-048CBD1D0300}\mpengine.dll
2013-01-15 19:24 . 2013-01-15 19:24 -------- d-----w- C:\rsit
2013-01-15 17:12 . 2013-01-15 17:12 -------- d-----w- c:\users\Spravca\AppData\Local\Skyrim
2013-01-15 17:05 . 2012-11-13 14:56 222720 ----a-w- c:\program files (x86)\Internet Explorer\ielowutil - kópia.exe
2013-01-15 16:32 . 2013-01-15 16:36 -------- d-----w- C:\skyrim
2013-01-11 15:39 . 2013-01-11 15:39 -------- d-----w- c:\users\Spravca\AppData\Local\My Games
2013-01-11 06:07 . 2013-01-11 06:07 -------- d-----w- c:\programdata\Orbit
2013-01-10 19:14 . 2013-01-10 19:14 -------- d-----w- C:\NVIDIA
2013-01-09 16:11 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 16:11 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 16:11 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 16:11 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 16:11 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 16:11 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-08 14:34 . 2013-01-08 15:06 -------- d-----w- C:\Valve hammer editor
2013-01-05 19:05 . 2013-01-05 19:05 -------- d-----w- c:\program files (x86)\Adobe Story
2013-01-05 19:04 . 2013-01-05 19:04 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-01-04 13:06 . 2013-01-04 13:06 -------- d-----w- c:\users\Spravca\AppData\Roaming\Sony Creative Software Inc
2013-01-02 21:26 . 2013-01-02 21:26 -------- d-----w- c:\program files\Games
2012-12-31 20:51 . 2012-12-31 20:51 -------- d-----w- c:\users\Spravca\AppData\Roaming\Garena
2012-12-31 20:51 . 2012-12-31 20:51 -------- d-----w- c:\programdata\Garena
2012-12-29 01:54 . 2012-12-29 01:54 550328 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-12-28 18:20 . 2012-12-28 18:21 -------- d-----w- c:\users\Spravca\AppData\Roaming\PSpad
2012-12-28 18:20 . 2012-12-28 18:20 -------- d-----w- c:\program files (x86)\PSPad editor
2012-12-28 16:36 . 2013-01-16 17:48 -------- d-----w- c:\users\Spravca\AppData\Local\LogMeIn Hamachi
2012-12-28 16:36 . 2012-12-28 16:36 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-12-27 08:17 . 2012-12-27 08:17 -------- d-----w- c:\programdata\RoboForm
2012-12-27 08:16 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-27 08:16 . 2013-01-16 16:25 -------- d-----w- c:\programdata\AVAST Software
2012-12-27 08:16 . 2012-12-27 08:16 -------- d-----w- c:\program files\AVAST Software
2012-12-27 08:13 . 2012-12-27 08:13 -------- d-----w- c:\users\Spravca\AppData\Local\Avg2013
2012-12-24 16:18 . 2012-12-24 16:18 -------- d-----w- c:\programdata\Nexon
2012-12-24 16:17 . 2012-12-24 18:47 -------- d-----w- c:\users\Spravca\AppData\Local\CSO
2012-12-22 20:31 . 2012-12-22 20:31 -------- d-----w- c:\users\Spravca\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-12-22 15:58 . 2010-01-13 16:48 230752 ----a-w- c:\windows\patchw32.dll
2012-12-22 15:58 . 2010-01-13 16:48 118176 ----a-w- c:\windows\patchw.dll
2012-12-22 15:57 . 2012-12-22 15:57 -------- d-----w- c:\program files (x86)\Outspark
2012-12-22 09:45 . 2013-01-15 17:21 -------- d-----w- c:\users\Spravca\AppData\Roaming\.minecraft
2012-12-22 07:27 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 07:27 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 07:27 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 07:27 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 21:39 . 2012-12-20 21:39 -------- d-----w- c:\users\Spravca\jagexcache
2012-12-18 12:10 . 2012-12-18 12:10 -------- d-----w- c:\users\Spravca\AppData\Local\Secunia PSI
2012-12-18 12:10 . 2012-12-18 12:10 -------- d-----w- c:\program files (x86)\Secunia
2012-12-17 22:50 . 2013-01-15 19:24 -------- d-----w- c:\program files\trend micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-15 16:49 . 2012-11-20 12:28 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-15 16:49 . 2012-11-20 12:26 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-01-15 14:41 . 2012-11-20 12:26 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-01-09 21:49 . 2012-11-14 16:41 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-29 10:34 . 2012-11-13 14:13 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2012-12-29 10:34 . 2012-11-13 14:13 1504696 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-12-29 10:34 . 2012-10-10 20:23 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2012-12-29 10:34 . 2012-10-10 20:23 1107592 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-12-29 10:34 . 2012-10-10 20:22 2504248 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-12-29 10:34 . 2012-10-10 20:22 15129064 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-12-29 08:40 . 2012-11-13 14:14 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:40 . 2012-11-13 14:14 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-29 08:40 . 2012-11-13 14:14 2923201 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-29 08:40 . 2012-11-13 14:14 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:40 . 2012-11-13 14:14 63928 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:40 . 2012-11-13 14:14 2558392 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-29 08:40 . 2012-11-13 14:14 118712 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-30 04:45 . 2013-01-09 16:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-28 17:22 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2012-11-28 17:22 . 2010-11-21 03:23 2851840 ----a-w- c:\windows\system32\themeui.dll
2012-11-28 17:22 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2012-11-28 08:07 . 2012-11-28 08:07 57904 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-11-22 12:55 . 2012-11-20 12:26 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-11-19 15:57 . 2012-11-13 15:25 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-19 15:57 . 2012-11-13 15:25 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-15 15:12 . 2012-11-15 15:12 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-11-15 15:12 . 2012-11-15 15:12 289768 ----a-w- c:\windows\system32\javaws.exe
2012-11-15 15:12 . 2012-11-15 15:12 189416 ----a-w- c:\windows\system32\javaw.exe
2012-11-15 15:12 . 2012-11-15 15:12 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-15 15:12 . 2012-11-15 15:12 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-15 15:12 . 2012-11-15 15:12 188904 ----a-w- c:\windows\system32\java.exe
2012-11-14 19:13 . 2012-11-14 19:13 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-14 19:13 . 2012-11-14 19:14 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-14 19:13 . 2012-11-14 19:14 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-14 07:06 . 2012-12-12 21:32 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 21:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 21:32 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 21:32 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 21:32 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 21:32 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 21:32 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 21:32 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 21:32 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 21:32 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 21:32 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 21:32 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 21:32 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 21:32 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 21:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 21:32 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 21:32 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 21:32 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 21:32 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 21:32 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 21:32 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 21:32 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-13 15:12 . 2012-11-13 15:12 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-13 15:12 . 2012-11-13 15:12 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-11-13 15:12 . 2012-11-13 15:12 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-11-13 14:56 . 2012-11-13 14:56 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-11-13 14:56 . 2012-11-13 14:56 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-11-13 14:56 . 2012-11-13 14:56 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-11-13 14:56 . 2012-11-13 14:56 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-11-13 14:56 . 2012-11-13 14:56 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-11-13 14:56 . 2012-11-13 14:56 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-11-13 14:56 . 2012-11-13 14:56 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-11-13 14:56 . 2012-11-13 14:56 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-11-13 14:55 . 2012-11-13 14:55 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-11-13 14:55 . 2012-11-13 14:55 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-11-13 14:55 . 2012-11-13 14:55 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-11-13 14:55 . 2012-11-13 14:55 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-11-13 14:55 . 2012-11-13 14:55 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-13 14:55 . 2012-11-13 14:55 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-11-13 14:55 . 2012-11-13 14:55 222208 ----a-w- c:\windows\system32\msls31.dll
2012-11-13 14:55 . 2012-11-13 14:55 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-11-13 14:55 . 2012-11-13 14:55 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-11-13 14:55 . 2012-11-13 14:55 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-13 14:55 . 2012-11-13 14:55 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-11-13 14:55 . 2012-11-13 14:55 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-11-13 14:55 . 2012-11-13 14:55 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-11-13 14:55 . 2012-11-13 14:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-13 14:55 . 2012-11-13 14:55 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-11-13 14:55 . 2012-11-13 14:55 197120 ----a-w- c:\windows\system32\msrating.dll
2012-11-13 14:55 . 2012-11-13 14:55 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-11-13 14:55 . 2012-11-13 14:55 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-11-13 14:55 . 2012-11-13 14:55 149504 ----a-w- c:\windows\system32\occache.dll
2012-11-13 14:55 . 2012-11-13 14:55 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-11-13 14:55 . 2012-11-13 14:55 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-11-13 14:55 . 2012-11-13 14:55 12288 ----a-w- c:\windows\system32\mshta.exe
2012-11-13 14:55 . 2012-11-13 14:55 114176 ----a-w- c:\windows\system32\admparse.dll
2012-11-13 14:55 . 2012-11-13 14:55 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-13 14:55 . 2012-11-13 14:55 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-11-13 14:55 . 2012-11-13 14:55 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-11-13 14:55 . 2012-11-13 14:55 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-11-13 14:55 . 2012-11-13 14:55 82432 ----a-w- c:\windows\system32\icardie.dll
2012-11-13 14:55 . 2012-11-13 14:55 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-11-13 14:55 . 2012-11-13 14:55 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-11-13 14:55 . 2012-11-13 14:55 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-11-13 14:55 . 2012-11-13 14:55 448512 ----a-w- c:\windows\system32\html.iec
2012-11-13 14:55 . 2012-11-13 14:55 403248 ----a-w- c:\windows\system32\iedkcs32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-08-25 765200]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2012-12-17 9152968]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-11-15 968592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-14 2255360]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-14 1255736]
R3 X6va003;X6va003;c:\users\Spravca\AppData\Local\Temp\0034C84.tmp [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-11-28 57904]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files (x86)\CyberLink\PowerDVD8\000.fcl [2008-02-01 32240]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-26 1329304]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S3 AR9271;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuwx.sys [2011-07-28 2224160]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-07-29 56960]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-07-29 79104]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-13 14:03 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 16:56]
.
2013-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 16:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-26 6325936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-Adobe - c:\programdata\Adobe\F9A336.vbe
AddRemove-Counter-Strike: Source - c:\games\Counter-Strike Source\Uninst.exe
AddRemove-Uplay - c:\program files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
AddRemove-{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88} - c:\program files (x86)\InstallShield Installation Information\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Spravca\AppData\Local\Temp\0034C84.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2013-01-16 18:57:45 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-16 17:57
.
Pre-Run: 266 998 034 432 bytes free
Post-Run: 266 684 186 624 bytes free
.
- - End Of File - - 7DA3AEFCFBD2278C1213C1B726EF3BC3

nejak mi to vkuse blblo, ked sa dokoncil stage 50 tak sa resetol PC a vtedy black screen, musel som 3x restartovat PC aby to naskocilo..

#30 Příspěvek od **vyosek** » 16 led 2013 21:41

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

c:\program files (x86)\Internet Explorer\ielowutil - kópia.exe
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

VIRY.CZ

Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada

Re: Kontrola pc - internet vkuse pada