Re: Desktop PC just a bit dirty.. please help clean it

Posted: 05 Jul 2013 20:25
by Real
Syntax of the command is incorrect

Re: Desktop PC just a bit dirty.. please help clean it

Posted: 05 Jul 2013 21:22
by Márty84
:???:

The instructions are correct. Check that you have copied and named it correctly. If you have and it still doesn't work, try doing it in Safe Mode.

Re: Desktop PC just a bit dirty.. please help clean it

Posted: 06 Jul 2013 07:55
by Márty84
If it doesn't work even in Safe Mode, download a fresh ComboFix and try it with that. It should work.

Re: Desktop PC just a bit dirty.. please help clean it

Posted: 07 Jul 2013 11:44
by Real
it has run now...

ComboFix 13-07-07.01 - ADMIN 07/07/2013 11:23:18.2.3 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3839.2326 [GMT 1:00]
Running from: c:\users\ADMIN\Desktop\ComboFix.exe
Command switches used :: c:\users\ADMIN\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_Updater By Sweetpacks
.
.
((((((((((((((((((((((((( Files Created from 2013-06-07 to 2013-07-07 )))))))))))))))))))))))))))))))
.
.
2013-07-07 10:30 . 2013-07-07 10:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-07-07 10:30 . 2013-07-07 10:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-06 20:29 . 2009-04-06 08:08 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd
2013-07-06 20:29 . 2009-04-06 08:08 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys
2013-07-06 20:21 . 2013-07-07 07:25 -------- d-----w- c:\program files (x86)\Lajna
2013-07-06 00:24 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{388CD268-8526-4A59-ACE8-3F020A42889D}\mpengine.dll
2013-07-04 20:45 . 2013-07-04 21:10 -------- d-----w- C:\whatever
2013-07-03 10:12 . 2013-07-03 10:12 -------- d-----w- c:\users\ADMIN\AppData\Roaming\Malwarebytes
2013-07-03 10:12 . 2013-07-03 10:12 -------- d-----w- c:\programdata\Malwarebytes
2013-07-03 09:10 . 2013-07-03 09:11 -------- d-----w- C:\rsit
2013-07-03 09:10 . 2013-07-03 09:11 -------- d-----w- c:\program files\trend micro
2013-07-01 18:53 . 2013-07-01 20:11 -------- d-----w- c:\program files (x86)\Guild Wars 2
2013-06-30 11:08 . 2013-07-03 09:42 -------- d-----w- c:\program files\Updater By Sweetpacks
2013-06-30 11:07 . 2013-06-30 11:07 -------- d-----w- c:\windows\SysWow64\jmdp
2013-06-30 11:07 . 2013-06-30 11:07 -------- d-----w- c:\windows\SysWow64\ARFC
2013-06-30 11:07 . 2013-06-12 08:27 1495856 ----a-w- c:\windows\system32\dmwu.exe
2013-06-30 11:07 . 2013-06-12 08:26 33792 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-06-28 20:10 . 2013-06-28 20:10 -------- d-----w- c:\users\ADMIN\AppData\Local\Pando_Temp
2013-06-28 20:08 . 2013-07-04 20:54 -------- d-----w- c:\users\ADMIN\AppData\Local\assembly
2013-06-28 20:08 . 2013-07-06 20:18 -------- d-----w- c:\program files (x86)\NCSoft
2013-06-28 20:07 . 2013-06-28 20:07 -------- d-----w- C:\hbngv
2013-06-24 02:00 . 2013-06-08 14:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-06-24 02:00 . 2013-06-08 14:06 2648064 ----a-w- c:\windows\system32\iertutil.dll
2013-06-24 02:00 . 2013-06-08 14:06 526336 ----a-w- c:\windows\system32\ieui.dll
2013-06-24 02:00 . 2013-06-08 14:06 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-06-24 02:00 . 2013-06-08 14:07 19233792 ----a-w- c:\windows\system32\mshtml.dll
2013-06-23 22:52 . 2013-06-23 22:52 -------- d-----w- C:\drop
2013-06-23 14:31 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-23 14:31 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-23 10:38 . 2013-07-05 21:30 -------- d-----w- c:\program files (x86)\Lineage II
2013-06-23 09:23 . 2013-06-23 09:23 -------- d-----w- C:\onga sys
2013-06-23 02:02 . 2013-06-23 02:02 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-22 22:48 . 2013-06-22 22:49 -------- d-----w- C:\l2 zaloha
2013-06-22 18:27 . 2013-06-22 18:27 -------- d-----w- c:\users\ADMIN\AppData\Roaming\Nico Mak Computing
2013-06-22 18:27 . 2013-02-13 10:07 19840 ----a-w- c:\windows\system32\roboot64.exe
2013-06-22 18:26 . 2013-07-07 07:23 -------- d-----w- c:\users\ADMIN\AppData\Roaming\uTorrent
2013-06-13 19:11 . 2013-07-04 18:53 -------- d-----w- C:\l2 sys
2013-06-12 18:11 . 2013-06-12 18:11 -------- d-sh--w- c:\programdata\SecuROM
2013-06-12 18:08 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-12 18:06 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 18:06 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-12 18:06 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-12 18:06 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-12 18:04 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 18:04 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 18:04 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-12 18:04 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 18:04 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 18:04 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-12 18:04 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-12 18:04 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 18:04 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-12 18:04 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-12 18:03 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-12 18:03 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-11 19:08 . 2013-06-11 19:08 -------- d-----w- C:\gamigo
2013-06-11 18:41 . 2013-06-13 09:03 -------- d-----w- c:\program files (x86)\Rockstar Games
2013-06-11 17:11 . 2013-06-11 19:10 -------- d-----w- c:\users\ADMIN\AppData\Roaming\GetRightToGo
2013-06-11 15:45 . 2013-06-11 18:04 -------- d-----w- C:\gta4 crack
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-13 02:03 . 2013-06-05 23:54 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 18:40 . 2013-04-24 16:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 18:40 . 2013-04-24 16:54 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 15:33 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2013-06-11 15:33 . 2009-08-18 10:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-05 21:20 . 2013-06-05 21:20 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-05-20 19:39 . 2013-05-22 00:55 5086240 ----a-w- c:\windows\SysWow64\GameMon.des
2013-05-13 19:08 . 2013-04-12 20:38 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-05-12 21:42 . 2013-06-05 23:21 9233688 ----a-w- c:\windows\system32\nvcuda.dll
2013-05-12 21:42 . 2013-06-05 23:21 7682960 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-05-12 21:42 . 2013-06-05 23:21 7641832 ----a-w- c:\windows\system32\nvopencl.dll
2013-05-12 21:42 . 2013-06-05 23:21 6324360 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-05-12 21:42 . 2013-06-05 23:21 550176 ----a-w- c:\windows\system32\NvFBC64.dll
2013-05-12 21:42 . 2013-06-05 23:21 518944 ----a-w- c:\windows\system32\NvIFR64.dll
2013-05-12 21:42 . 2013-06-05 23:21 443168 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-05-12 21:42 . 2013-06-05 23:21 421152 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-05-12 21:42 . 2013-06-05 23:21 2942240 ----a-w- c:\windows\system32\nvcuvid.dll
2013-05-12 21:42 . 2013-06-05 23:21 27775776 ----a-w- c:\windows\system32\nvoglv64.dll
2013-05-12 21:42 . 2013-06-05 23:21 2754336 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-05-12 21:42 . 2013-06-05 23:21 2363680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-05-12 21:42 . 2013-06-05 23:21 21096736 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-05-12 21:42 . 2013-06-05 23:21 2002720 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-05-12 21:42 . 2013-06-05 23:21 1832224 ----a-w- c:\windows\system32\nvdispco6432018.dll
2013-05-12 21:42 . 2013-06-05 23:21 15143904 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-05-12 21:42 . 2013-06-05 23:21 1511712 ----a-w- c:\windows\system32\nvdispgenco6432018.dll
2013-05-12 21:42 . 2013-06-05 23:21 13403168 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-05-12 21:42 . 2013-06-05 23:21 11216160 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-05-12 21:42 . 2013-06-05 23:21 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-05-12 21:42 . 2013-06-05 23:21 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-05-12 21:42 . 2013-04-21 21:20 15910736 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-05-12 21:42 . 2013-04-21 21:20 12426216 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-05-12 21:42 . 2013-04-21 21:20 2935696 ----a-w- c:\windows\system32\nvapi64.dll
2013-05-12 21:42 . 2013-04-21 21:20 2597344 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-05-12 21:42 . 2013-04-19 02:01 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-05-12 21:42 . 2013-04-19 02:01 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-05-12 20:34 . 2013-05-13 18:31 6491936 ----a-w- c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-05-13 18:31 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-05-13 18:31 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-05-13 18:31 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-05-13 18:31 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-05-12 14:43 . 2013-05-12 14:43 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-05-02 01:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-21 14:13 . 2013-04-21 14:13 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-21 14:13 . 2013-04-21 14:13 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-21 14:13 . 2013-04-21 14:13 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-13 05:49 . 2013-05-16 02:50 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 02:50 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 02:50 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 02:50 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 02:50 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 02:50 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 17:11 . 2013-04-12 17:11 1156 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2013-04-12 14:45 . 2013-05-14 03:24 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 02:50 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 02:50 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 02:50 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}]
c:\program files\Updater By Sweetpacks\Extension32.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"MobileAppSync"="c:\program files (x86)\Mobile App Sync\D2MClient.exe" [2013-05-14 312320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 aswVmm;aswVmm; [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\programdata\MobileBrServ\mbbservice.exe;c:\programdata\MobileBrServ\mbbservice.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-22 18:43 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-WinZip Registry Optimizer_is1 - c:\program files (x86)\WinZip Registry Optimizer\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2013-07-07 11:43:03 - machine was rebooted
ComboFix-quarantined-files.txt 2013-07-07 10:42
.
Pre-Run: 763,157,286,912 bytes free
Post-Run: 762,571,309,056 bytes free
.
- - End Of File - - 430195EF4FE6B297B5CFA44873F1D26C
A36C5E4F47E84449FF07ED3517B43A31


what now??

Re: Desktop PC just a bit dirty.. please help clean it

Posted: 07 Jul 2013 12:01
by Márty84
:arrow: Post a new log from RSIT.

:???: How is the PC doing? Has anything changed?

Re: Desktop PC just a bit dirty.. please help clean it

Posted: 07 Jul 2013 18:48
by Real
The computer no longer has the silly processes and startup is faster,

Logfile of random's system information tool 1.09 (written by random/random)
Run by ADMIN at 2013-07-07 18:45:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 727 GB (76%) free of 954 GB
Total RAM: 3839 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:45:56 PM, on 7/7/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Mobile App Sync\D2MClient.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\Program Files\trend micro\ADMIN.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\New folder\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\New folder\bin\jp2ssv.dll
O2 - BHO: Updater By Sweetpacks Helper - {DEDAF650-12B8-48f5-A843-BBA100716106} - C:\Program Files\Updater By Sweetpacks\Extension32.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MobileAppSync] "C:\Program Files (x86)\Mobile App Sync\D2MClient.exe"
O4 - HKUS\S-1-5-21-2424735532-840248378-3633617618-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2424735532-840248378-3633617618-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6668 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\ProgramData\MobileBrServ\mbbservice.exe" -service
"taskhost.exe"
taskeng.exe {2E9706AF-059C-4748-88E6-DE956045360F}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Mobile App Sync\D2MClient.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-335f3516-f054-43e9-a0de-566663e6a3f2 -SystemEventPortName:HostProcess-f2853a64-b62e-4191-94fc-b2ab0702fd0e -IoCancelEventPortName:HostProcess-a1580255-25a6-4d16-b929-0af0fbaf4a8a -NonStateChangingEventPortName:HostProcess-368f5bd6-478d-4b64-a446-277df5f19bec -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:45492f54-2674-4b25-a9ad-c44de130ca00 -DeviceGroupId:WpdFsGroup
"C:\uzit+\chrome-win32\chrome.exe"
"C:\uzit+\chrome-win32\chrome.exe" --type=gpu-process --channel="3712.0.1549966276\793901437" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,8,19,21 --gpu-vendor-id=0x10de --gpu-device-id=0x084b --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2018 --ignored=" --type=renderer " /prefetch:822062411
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/BlueOnWhite/OverlappedReadImpact/OverlappedReadEnabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderMulti/PrerenderLoggedInPredictor/Enabled/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --disable-html-notifications --channel="3712.2.1952091201\1222364265" /prefetch:673131151
"C:\uzit+\chrome-win32\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll" --lang=en-US --channel="3712.3.1378877955\585159468" /prefetch:-390060480
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\ADMIN\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-06 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\New folder\bin\ssv.dll [2013-04-21 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-06 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\New folder\bin\jp2ssv.dll [2013-04-21 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}]
Updater By Sweetpacks - C:\Program Files\Updater By Sweetpacks\Extension32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-06 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-06 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"MobileAppSync"=C:\Program Files (x86)\Mobile App Sync\D2MClient.exe [2013-05-14 312320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
C:\Program Files (x86)\Zemi Interactive\4StoryUS\PrePatch.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-06-06 1641896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-06 4767304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-07-07 11:43:24 ----D---- C:\Windows\temp
2013-07-07 11:43:10 ----A---- C:\ComboFix.txt
2013-07-07 11:32:48 ----SHD---- C:\$RECYCLE.BIN
2013-07-06 21:29:18 ----A---- C:\Windows\SYSWOW64\npptNT2.sys
2013-07-06 21:21:21 ----D---- C:\Program Files (x86)\Lajna
2013-07-05 22:07:16 ----A---- C:\Windows\ntbtlog.txt
2013-07-04 21:45:45 ----A---- C:\Windows\zip.exe
2013-07-04 21:45:45 ----A---- C:\Windows\SWSC.exe
2013-07-04 21:45:45 ----A---- C:\Windows\SWREG.exe
2013-07-04 21:45:45 ----A---- C:\Windows\sed.exe
2013-07-04 21:45:45 ----A---- C:\Windows\PEV.exe
2013-07-04 21:45:45 ----A---- C:\Windows\NIRCMD.exe
2013-07-04 21:45:45 ----A---- C:\Windows\MBR.exe
2013-07-04 21:45:45 ----A---- C:\Windows\grep.exe
2013-07-04 21:45:42 ----D---- C:\whatever
2013-07-04 21:37:08 ----D---- C:\Qoobox
2013-07-04 21:36:53 ----D---- C:\Windows\erdnt
2013-07-03 11:12:33 ----D---- C:\Users\ADMIN\AppData\Roaming\Malwarebytes
2013-07-03 11:12:17 ----D---- C:\ProgramData\Malwarebytes
2013-07-03 10:40:25 ----A---- C:\AdwCleaner[S1].txt
2013-07-03 10:40:13 ----A---- C:\AdwCleaner[R2].txt
2013-07-03 10:22:43 ----A---- C:\AdwCleaner[R1].txt
2013-07-03 10:10:40 ----D---- C:\rsit
2013-07-03 10:10:40 ----D---- C:\Program Files\trend micro
2013-07-01 19:53:14 ----D---- C:\Program Files (x86)\Guild Wars 2
2013-06-30 12:08:27 ----D---- C:\Program Files\Updater By Sweetpacks
2013-06-30 12:07:46 ----D---- C:\Windows\SYSWOW64\jmdp
2013-06-30 12:07:46 ----D---- C:\Windows\SYSWOW64\ARFC
2013-06-30 12:07:46 ----A---- C:\Windows\system32\ImHttpComm.dll
2013-06-30 12:07:46 ----A---- C:\Windows\system32\dmwu.exe
2013-06-28 21:08:19 ----D---- C:\Program Files (x86)\NCSoft
2013-06-28 21:07:22 ----D---- C:\hbngv
2013-06-24 03:01:38 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-24 03:01:38 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-24 03:01:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-24 03:01:38 ----A---- C:\Windows\system32\iesetup.dll
2013-06-24 03:01:38 ----A---- C:\Windows\system32\iernonce.dll
2013-06-24 03:01:38 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-24 03:01:37 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-24 03:01:37 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-24 03:01:37 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-24 03:01:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-24 03:01:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-24 03:01:35 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-24 03:01:35 ----A---- C:\Windows\system32\jscript.dll
2013-06-24 03:01:34 ----A---- C:\Windows\system32\jscript9.dll
2013-06-24 03:01:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-24 03:01:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-24 03:01:31 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-24 03:01:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-24 03:01:30 ----A---- C:\Windows\system32\wininet.dll
2013-06-24 03:01:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-24 03:00:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-24 03:00:59 ----A---- C:\Windows\system32\urlmon.dll
2013-06-24 03:00:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-24 03:00:58 ----A---- C:\Windows\system32\iertutil.dll
2013-06-24 03:00:57 ----A---- C:\Windows\system32\ieui.dll
2013-06-24 03:00:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-24 03:00:55 ----A---- C:\Windows\system32\ieframe.dll
2013-06-24 03:00:52 ----A---- C:\Windows\system32\mshtml.dll
2013-06-24 03:00:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-23 23:52:39 ----D---- C:\drop
2013-06-23 15:31:34 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-23 15:31:34 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-23 11:38:12 ----D---- C:\Program Files (x86)\Lineage II
2013-06-23 10:23:34 ----D---- C:\onga sys
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\url.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\wextract.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\webcheck.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\vbscript.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\url.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\pngfilt.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\occache.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\msrating.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\msls31.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\mshtmler.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\mshtmled.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\mshta.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\msfeedssync.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\licmgr10.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\inseng.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\imgutil.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\iexpress.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\ieUnatt.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\iepeers.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\iedkcs32.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\ieapfltr.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\ieapfltr.dat
2013-06-23 03:04:00 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\icardie.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\elshyph.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\dxtrans.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\dxtmsft.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-23 03:02:55 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-06-23 03:02:55 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-06-23 03:02:55 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-06-23 03:02:55 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-06-23 03:02:55 ----A---- C:\Windows\system32\XpsPrint.dll
2013-06-23 03:02:55 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-06-23 03:02:55 ----A---- C:\Windows\system32\WMPhoto.dll
2013-06-23 03:02:55 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\UIAnimation.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\FntCache.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\dxgi.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\DWrite.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10warp.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10level9.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10core.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10_1.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d2d1.dll
2013-06-22 23:48:50 ----D---- C:\l2 zaloha
2013-06-22 19:27:15 ----D---- C:\Users\ADMIN\AppData\Roaming\Nico Mak Computing
2013-06-22 19:27:09 ----A---- C:\Windows\system32\roboot64.exe
2013-06-22 19:26:18 ----D---- C:\Users\ADMIN\AppData\Roaming\uTorrent
2013-06-13 20:11:17 ----D---- C:\l2 sys
2013-06-12 19:11:41 ----SHD---- C:\ProgramData\SecuROM
2013-06-12 19:08:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 19:06:53 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 19:06:53 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 19:06:45 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 19:06:44 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 19:04:07 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 19:04:07 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 19:04:07 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 19:04:06 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 19:04:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 19:04:06 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 19:04:06 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 19:04:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 19:04:05 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 19:04:05 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 19:03:05 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 19:03:05 ----A---- C:\Windows\system32\d3d11.dll
2013-06-11 20:08:43 ----D---- C:\gamigo
2013-06-11 19:41:31 ----D---- C:\Program Files (x86)\Rockstar Games
2013-06-11 18:11:34 ----D---- C:\Users\ADMIN\AppData\Roaming\GetRightToGo
2013-06-11 17:02:59 ----D---- C:\Users\ADMIN\AppData\Roaming\Mozilla
2013-06-11 16:45:08 ----D---- C:\gta4 crack

======List of files/folders modified in the last 1 month======

2013-07-07 13:53:30 ----D---- C:\Windows\system32\config
2013-07-07 11:43:29 ----D---- C:\Windows\system32\drivers
2013-07-07 11:43:24 ----D---- C:\Windows
2013-07-07 11:36:51 ----D---- C:\Windows\System32
2013-07-07 11:36:51 ----D---- C:\Windows\inf
2013-07-07 11:36:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-07 11:32:48 ----A---- C:\Windows\system.ini
2013-07-07 11:32:35 ----D---- C:\Windows\system32\drivers\etc
2013-07-07 11:32:13 ----D---- C:\ProgramData\NVIDIA
2013-07-07 11:28:03 ----D---- C:\Windows\Tasks
2013-07-07 11:25:20 ----D---- C:\Windows\SYSWOW64\drivers
2013-07-07 11:25:20 ----D---- C:\Windows\SysWOW64
2013-07-07 11:25:20 ----D---- C:\Windows\AppPatch
2013-07-07 11:25:18 ----D---- C:\Program Files (x86)\Common Files
2013-07-07 11:21:49 ----D---- C:\Windows\Prefetch
2013-07-07 08:22:10 ----D---- C:\Program Files\Google
2013-07-07 08:22:10 ----D---- C:\Program Files (x86)\Google
2013-07-06 21:21:21 ----RD---- C:\Program Files (x86)
2013-07-06 21:21:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-06 21:19:54 ----D---- C:\ProgramData
2013-07-06 21:19:52 ----SHD---- C:\Windows\Installer
2013-07-06 01:24:23 ----SHD---- C:\System Volume Information
2013-07-05 17:59:09 ----D---- C:\Program Files (x86)\Pando Networks
2013-07-04 22:08:29 ----D---- C:\Windows\system32\Tasks
2013-07-03 22:34:25 ----D---- C:\Program Files (x86)\Steam
2013-07-03 10:10:40 ----RD---- C:\Program Files
2013-06-30 22:57:16 ----D---- C:\Windows\system32\catroot2
2013-06-30 22:56:28 ----D---- C:\Windows\system32\appmgmt
2013-06-30 12:07:47 ----D---- C:\Windows\system32\catroot
2013-06-25 03:17:15 ----D---- C:\Windows\winsxs
2013-06-24 03:17:15 ----D---- C:\Program Files\Internet Explorer
2013-06-24 03:17:15 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-23 04:01:27 ----D---- C:\Windows\rescache
2013-06-23 03:21:38 ----D---- C:\Windows\SYSWOW64\migration
2013-06-23 03:21:38 ----D---- C:\Windows\SYSWOW64\en-US
2013-06-23 03:21:36 ----D---- C:\Windows\system32\migration
2013-06-23 03:21:36 ----D---- C:\Windows\system32\en-US
2013-06-23 03:21:36 ----D---- C:\Windows\PolicyDefinitions
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\it-IT
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\es-ES
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\el-GR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\de-DE
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\da-DK
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-23 03:21:33 ----D---- C:\Windows\system32\pt-PT
2013-06-23 03:21:33 ----D---- C:\Windows\system32\pt-BR
2013-06-23 03:21:33 ----D---- C:\Windows\system32\pl-PL
2013-06-23 03:21:33 ----D---- C:\Windows\system32\ko-KR
2013-06-23 03:21:33 ----D---- C:\Windows\system32\it-IT
2013-06-23 03:21:32 ----D---- C:\Windows\system32\zh-TW
2013-06-23 03:21:32 ----D---- C:\Windows\system32\zh-HK
2013-06-23 03:21:32 ----D---- C:\Windows\system32\zh-CN
2013-06-23 03:21:32 ----D---- C:\Windows\system32\tr-TR
2013-06-23 03:21:32 ----D---- C:\Windows\system32\sv-SE
2013-06-23 03:21:32 ----D---- C:\Windows\system32\nl-NL
2013-06-23 03:21:32 ----D---- C:\Windows\system32\ja-JP
2013-06-23 03:21:32 ----D---- C:\Windows\system32\hu-HU
2013-06-23 03:21:32 ----D---- C:\Windows\system32\fr-FR
2013-06-23 03:21:32 ----D---- C:\Windows\system32\fi-FI
2013-06-23 03:21:32 ----D---- C:\Windows\system32\es-ES
2013-06-23 03:21:32 ----D---- C:\Windows\system32\el-GR
2013-06-23 03:21:32 ----D---- C:\Windows\system32\de-DE
2013-06-23 03:21:32 ----D---- C:\Windows\system32\cs-CZ
2013-06-23 03:21:31 ----D---- C:\Windows\system32\ru-RU
2013-06-23 03:21:31 ----D---- C:\Windows\system32\nb-NO
2013-06-23 03:21:31 ----D---- C:\Windows\system32\da-DK
2013-06-23 03:06:13 ----D---- C:\Windows\Logs
2013-06-22 19:29:09 ----D---- C:\Windows\system32\LogFiles
2013-06-17 03:13:38 ----RSD---- C:\Windows\assembly
2013-06-17 03:13:38 ----D---- C:\Windows\Microsoft.NET
2013-06-17 03:03:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-06-16 18:31:24 ----D---- C:\Program Files (x86)\Diablo III
2013-06-13 03:03:17 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 19:40:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-12 19:06:40 ----SD---- C:\ProgramData\Microsoft
2013-06-11 16:28:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-06-11 16:10:31 ----SD---- C:\Users\ADMIN\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-06 65336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-06 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-06 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-06 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-06 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-13 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-06 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-06 178624]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-06 45248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-06-28 233344]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-05-12 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-05-20 5086240]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-06 543656]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Desktop PC just a bit dirty.. please clean it up

Posted: 07 Jul 2013 18:57
by Márty84
:!: If Avast complains that it wants to open this in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTM http://oldtimer.geekstogo.com/OTM.exe and save it, preferably to the desktop.
Right-click it and then left-click Run as administrator.
Copy this script into the left window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files\Updater By Sweetpacks

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] /64

Click MoveIt and let the program work. When asked to restart, agree.
After the restart, post here the log that pops up, or it will be here: C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (instead of the x's there will be digits representing the date and time of the run)

Re: Desktop PC just a bit dirty.. please clean it up

Posted: 07 Jul 2013 19:52
by Real
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: ADMIN
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 40029084 bytes
->Java cache emptied: 393340 bytes
->Google Chrome cache emptied: 202761229 bytes
->Flash cache emptied: 21907 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 246488 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 991915 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 233.00 mb


[EMPTYFLASH]

User: ADMIN
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Program Files\Updater By Sweetpacks folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DEDAF650-12B8-48f5-A843-BBA100716106}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru not found.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 07072013_194615

Files moved on Reboot...
C:\Users\ADMIN\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\ADMIN\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...

Re: Desktop PC just a little dirty.. please clean it

Posted: 08 Jul 2013 01:50
by Márty84
:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow: Rename ComboFix to Uninstall and run it. CF should uninstall itself.

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click the CleanUp button and then OK - after the cleanup the PC will restart.

:arrow: Download TFC http://oldtimer.geekstogo.com/TFC.exe , save it and run it.
Click START and then OK - after the cleanup the PC will restart.
You can delete the program after use.

:arrow: Download CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launching you will find yourself in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is configured, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; if it finds any, click Fix Issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!

:arrow: Defragment the disk(s)
Download the program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar.
After installing, run the program and click Analyze; after the analysis click Defragment and the program will do its work.




:arrow: Then post a new RSIT log and write how the PC is doing. And if everything is fine, we are done.




15.9. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975