Prosím o překontrolování logu,chtěl se mi tam dostat worm:)

Zpráva

daveing · #1 Příspěvek od **daveing** » 03 říj 2012 08:42

Logfile of random's system information tool 1.09 (written by random/random)
Run by Daveing at 2012-10-03 09:37:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 47 GB (37%) free of 128 GB
Total RAM: 2814 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:38:25, on 3.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
C:\Users\Daveing\Desktop\RSIT.exe
C:\Program Files\trend micro\Daveing.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EnergyCut] C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Daveing\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daveing\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE
O23 - Service: S3Funkey - Unknown owner - C:\Program.exe (file missing)
O23 - Service: S3LoadSv - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 5522 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3195545342-3748683088-36476787-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3195545342-3748683088-36476787-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3195545342-3748683088-36476787-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3195545342-3748683088-36476787-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Daveing\AppData\Roaming\Mozilla\Firefox\Profiles\ibj824qz.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.278 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-10 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-10 157672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-12 6749512]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-31 2221352]
"EnergyCut"=C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe [2007-03-09 1167360]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-06-16 7547424]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-06-16 1833504]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-05-27 4077384]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-05-22 5064520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Facebook Update"=C:\Users\Daveing\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-24 138096]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17420464]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"Google Update"=C:\Users\Daveing\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19 116648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\launcher.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-03 09:37:42 ----D---- C:\rsit
2012-09-30 18:35:00 ----D---- C:\Users\Daveing\AppData\Roaming\Mozilla
2012-09-30 18:34:49 ----D---- C:\ProgramData\Mozilla
2012-09-30 18:34:46 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-09-30 18:34:43 ----D---- C:\Program Files\Mozilla Firefox
2012-09-30 16:33:46 ----HD---- C:\VritualRoot
2012-09-29 14:20:23 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-09-26 15:06:23 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-22 20:58:16 ----D---- C:\Program Files\Common Files\Skype
2012-09-22 14:34:23 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-22 14:34:22 ----A---- C:\Windows\system32\vbscript.dll
2012-09-22 14:34:20 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-22 14:34:17 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-22 14:34:17 ----A---- C:\Windows\system32\ieui.dll
2012-09-22 14:34:16 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-22 14:34:10 ----A---- C:\Windows\system32\wininet.dll
2012-09-22 14:34:09 ----A---- C:\Windows\system32\jscript.dll
2012-09-22 14:34:06 ----A---- C:\Windows\system32\url.dll
2012-09-22 14:34:06 ----A---- C:\Windows\system32\jscript9.dll
2012-09-22 14:34:01 ----A---- C:\Windows\system32\iertutil.dll
2012-09-22 14:33:51 ----A---- C:\Windows\system32\urlmon.dll
2012-09-22 14:33:36 ----A---- C:\Windows\system32\ieframe.dll
2012-09-22 14:33:30 ----A---- C:\Windows\system32\mshtml.dll
2012-09-14 13:46:26 ----A---- C:\Windows\system32\TURegOpt.exe
2012-09-14 13:46:13 ----A---- C:\Windows\system32\authuitu.dll
2012-09-14 13:44:22 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-09-11 22:02:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-11 22:02:03 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-11 22:02:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 22:02:02 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-11 22:02:01 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-11 22:02:01 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-10 16:16:52 ----A---- C:\Windows\system32\javaws.exe
2012-09-10 16:16:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2012-09-10 16:16:05 ----A---- C:\Windows\system32\javaw.exe
2012-09-10 16:16:05 ----A---- C:\Windows\system32\java.exe
2012-09-10 16:15:44 ----D---- C:\Program Files\Java
2012-09-09 21:53:40 ----D---- C:\Program Files\Polda 5
2012-09-09 16:20:20 ----D---- C:\Program Files\Porrasturvat
2012-09-08 09:26:17 ----SHD---- C:\$RECYCLE.BIN
2012-09-07 23:06:39 ----SD---- C:\ComboFix
2012-09-07 21:04:50 ----D---- C:\Windows\system32\appmgmt
2012-09-07 20:42:47 ----D---- C:\Users\Daveing\AppData\Roaming\Thinking Minds Budiling Bytes
2012-09-07 20:41:32 ----D---- C:\Program Files\CubeDesktop

======List of files/folders modified in the last 1 month======

2012-10-03 09:38:04 ----D---- C:\Windows\Temp
2012-10-03 09:37:54 ----D---- C:\Windows\Prefetch
2012-10-03 09:37:45 ----D---- C:\Program Files\trend micro
2012-10-03 09:32:35 ----D---- C:\Windows\System32
2012-10-03 09:32:35 ----D---- C:\Windows\inf
2012-10-03 09:32:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-03 09:09:46 ----D---- C:\Users\Daveing\AppData\Roaming\Skype
2012-10-03 07:57:11 ----D---- C:\Windows\system32\config
2012-10-01 17:58:51 ----D---- C:\Windows\system32\catroot2
2012-10-01 07:56:00 ----RD---- C:\Program Files
2012-09-30 21:21:31 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-09-30 21:20:43 ----D---- C:\ProgramData\Adobe
2012-09-30 18:34:49 ----HD---- C:\ProgramData
2012-09-30 18:11:34 ----D---- C:\Windows\system32\Tasks
2012-09-30 18:11:33 ----D---- C:\Windows\Tasks
2012-09-30 16:35:58 ----SHD---- C:\Windows\Installer
2012-09-30 11:38:42 ----D---- C:\Windows\rescache
2012-09-29 14:20:43 ----D---- C:\Windows
2012-09-27 20:44:08 ----D---- C:\Users\Daveing\AppData\Roaming\.purple
2012-09-26 15:06:41 ----D---- C:\Windows\winsxs
2012-09-26 15:05:46 ----D---- C:\Windows\system32\catroot
2012-09-25 17:46:34 ----D---- C:\Program Files\CCleaner
2012-09-25 17:44:49 ----D---- C:\Users\Daveing\AppData\Roaming\DAEMON Tools Lite
2012-09-22 20:58:30 ----D---- C:\ProgramData\Skype
2012-09-22 20:58:16 ----RD---- C:\Program Files\Skype
2012-09-22 20:58:16 ----D---- C:\Program Files\Common Files
2012-09-22 20:56:15 ----D---- C:\Windows\system32\drivers
2012-09-22 20:54:31 ----D---- C:\Program Files\Synaptics
2012-09-22 18:40:14 ----D---- C:\Windows\SoftwareDistribution
2012-09-22 17:25:32 ----D---- C:\Windows\system32\migration
2012-09-22 17:25:31 ----D---- C:\Program Files\Internet Explorer
2012-09-15 18:12:33 ----RD---- C:\Users
2012-09-15 15:00:46 ----SHD---- C:\System Volume Information
2012-09-12 21:08:10 ----D---- C:\Windows\debug
2012-09-12 01:57:37 ----D---- C:\Windows\system32\DriverStore
2012-09-11 22:03:37 ----A---- C:\Windows\system32\MRT.exe
2012-09-10 16:15:47 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-09-10 16:15:47 ----A---- C:\Windows\system32\deployJava1.dll
2012-09-09 16:58:50 ----D---- C:\Program Files\SpeedFan
2012-09-04 17:26:09 ----SD---- C:\Users\Daveing\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2012-03-12 19600]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-12 491816]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-04 242240]
R1 LenovoVCD;LenovoVCD; \??\C:\Program Files\Lenovo\Energy Management\LenovoVCD.sys [2009-02-14 16200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2012-06-19 374648]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-16 2375776]
R3 S3GIGP;S3GIGP; C:\Windows\system32\DRIVERS\VTGKModeDX32.sys [2009-09-18 978944]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-31 1335472]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
R3 vcrdrx32;VIA MSP Cardreader Host Controller; C:\Windows\system32\DRIVERS\vcrdrx32.sys [2009-05-20 92160]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Daveing\AppData\Local\Temp\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-12 1983232]
R2 S3Funkey;S3Funkey; C:\Program Files\s3graphics\chrome3\s3funkey.svc [2009-09-10 469504]
R2 S3LoadSv;S3LoadSv; C:\Program Files\s3graphics\chrome3\s3loadsv.svc [2009-09-10 417280]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2012-05-29 1528672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-27 116648]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE [2011-06-26 256000]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-30 250288]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-27 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-23 1343400]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 03 říj 2012 17:43

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\ComboFix\pev.3XE
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3195545342-3748683088-36476787-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3195545342-3748683088-36476787-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3195545342-3748683088-36476787-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3195545342-3748683088-36476787-1000UA.job
C:\Users\Daveing\AppData\Local\Facebook\Update

:services
PEVSystemStart

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

daveing · #3 Příspěvek od **daveing** » 22 říj 2012 21:32

Tu je:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Daveing at 2012-10-22 22:30:46
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 35 GB (27%) free of 128 GB
Total RAM: 2814 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:31:25, on 22.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Users\Daveing\Downloads\RSIT.exe
C:\Program Files\trend micro\Daveing.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EnergyCut] C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: S3Funkey - Unknown owner - C:\Program.exe (file missing)
O23 - Service: S3LoadSv - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 5428 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Daveing\AppData\Roaming\Mozilla\Firefox\Profiles\ibj824qz.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{876d9f09-c6d6-4324-a2cc-04dd9a4de12f}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26 74888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-12 6749512]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-31 2221352]
"EnergyCut"=C:\Program Files\Lenovo\EnergyCut\EnergyCut.exe [2007-03-09 1167360]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-06-16 7547424]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-06-16 1833504]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-05-27 4077384]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-05-22 5064520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17420464]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\launcher.exe]
"Debugger=""C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-22 22:30:47 ----D---- C:\Program Files\trend micro
2012-10-22 21:03:58 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-10-22 15:57:48 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2012-10-22 15:57:48 ----A---- C:\Windows\system32\javaw.exe
2012-10-22 15:57:48 ----A---- C:\Windows\system32\java.exe
2012-10-22 15:31:24 ----D---- C:\Users\Daveing\AppData\Roaming\BSplayer Pro
2012-10-22 15:31:24 ----D---- C:\Users\Daveing\AppData\Roaming\BSplayer
2012-10-22 15:31:23 ----D---- C:\Program Files\BSPlayer
2012-10-21 15:43:20 ----D---- C:\Program Files\Need For Extreme
2012-10-21 15:39:39 ----D---- C:\Program Files\Goof Ball
2012-10-21 14:44:43 ----D---- C:\Program Files\Two Worlds Pinball
2012-10-16 10:03:42 ----D---- C:\ProgramData\Microsoft Visual Studio
2012-10-15 21:44:41 ----D---- C:\Users\Daveing\AppData\Roaming\NuGet
2012-10-15 18:26:14 ----D---- C:\Program Files\Microsoft Silverlight
2012-10-15 18:21:00 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-10-15 18:18:40 ----D---- C:\Program Files\Application Verifier
2012-10-15 18:17:52 ----D---- C:\ProgramData\Windows App Certification Kit
2012-10-15 18:15:11 ----D---- C:\Program Files\Common Files\Microsoft
2012-10-15 18:13:51 ----D---- C:\ProgramData\PreEmptive Solutions
2012-10-15 18:06:22 ----D---- C:\Program Files\Microsoft ASP.NET
2012-10-15 18:04:48 ----D---- C:\Program Files\Microsoft Web Tools
2012-10-15 18:03:16 ----D---- C:\Program Files\Microsoft
2012-10-15 18:02:24 ----D---- C:\Program Files\IIS Express
2012-10-15 18:00:53 ----D---- C:\Program Files\NuGet
2012-10-15 18:00:23 ----D---- C:\Program Files\Microsoft WCF Data Services
2012-10-15 17:59:49 ----D---- C:\Program Files\IIS
2012-10-15 17:54:40 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-10-15 17:54:07 ----D---- C:\Program Files\Windows Kits
2012-10-15 17:31:04 ----D---- C:\Program Files\HTML Help Workshop
2012-10-15 17:29:54 ----D---- C:\Program Files\Microsoft Help Viewer
2012-10-15 17:26:16 ----D---- C:\Windows\system32\1033
2012-10-15 17:25:41 ----D---- C:\Program Files\Microsoft SQL Server
2012-10-15 17:17:08 ----D---- C:\Program Files\Microsoft SDKs
2012-10-15 17:17:04 ----D---- C:\Program Files\Common Files\Merge Modules
2012-10-15 17:17:01 ----D---- C:\Windows\symbols
2012-10-15 16:55:55 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2012-10-15 15:40:20 ----D---- C:\c6495086fd538e8aab04d80241cbb2
2012-10-15 15:10:21 ----D---- C:\Program Files\Microsoft Visual Studio 11.0
2012-10-15 14:57:27 ----D---- C:\ProgramData\Package Cache
2012-10-10 14:52:58 ----D---- C:\_OTM
2012-10-10 07:56:32 ----A---- C:\Windows\system32\kernel32.dll
2012-10-10 07:56:31 ----A---- C:\Windows\system32\winsrv.dll
2012-10-10 07:56:31 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-10 07:56:31 ----A---- C:\Windows\system32\conhost.exe
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 07:56:30 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 07:56:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 07:56:28 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 07:56:14 ----A---- C:\Windows\system32\tzres.dll
2012-10-10 07:56:03 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-10 07:56:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-10 07:56:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-10-10 07:55:13 ----A---- C:\Windows\system32\wintrust.dll
2012-10-10 07:55:07 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-10 07:55:07 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-10 07:55:07 ----A---- C:\Windows\system32\crypt32.dll
2012-10-10 07:54:49 ----A---- C:\Windows\system32\kerberos.dll
2012-10-03 16:34:25 ----D---- C:\Users\Daveing\AppData\Roaming\LibreOffice
2012-10-03 16:32:02 ----D---- C:\Program Files\LibreOffice 3.6
2012-10-03 09:37:42 ----D---- C:\rsit
2012-09-30 18:35:00 ----D---- C:\Users\Daveing\AppData\Roaming\Mozilla
2012-09-30 18:34:49 ----D---- C:\ProgramData\Mozilla
2012-09-30 18:34:46 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-09-30 18:34:43 ----D---- C:\Program Files\Mozilla Firefox
2012-09-30 16:33:46 ----HD---- C:\VritualRoot
2012-09-26 15:06:23 ----A---- C:\Windows\system32\OxpsConverter.exe

======List of files/folders modified in the last 1 month======

2012-10-22 22:31:22 ----D---- C:\Windows\Temp
2012-10-22 22:30:47 ----RD---- C:\Program Files
2012-10-22 22:14:29 ----D---- C:\Users\Daveing\AppData\Roaming\Skype
2012-10-22 21:04:22 ----D---- C:\Windows
2012-10-22 21:03:58 ----D---- C:\Windows\System32
2012-10-22 17:55:31 ----D---- C:\Windows\system32\config
2012-10-22 15:58:40 ----SHD---- C:\Windows\Installer
2012-10-22 15:57:48 ----D---- C:\Program Files\Java
2012-10-22 15:31:39 ----D---- C:\Windows\Prefetch
2012-10-21 17:51:01 ----D---- C:\Windows\inf
2012-10-21 14:45:57 ----RSD---- C:\Windows\Fonts
2012-10-21 12:25:34 ----D---- C:\Users\Daveing\AppData\Roaming\.purple
2012-10-18 15:31:10 ----D---- C:\Windows\system32\NDF
2012-10-17 09:09:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-16 15:51:26 ----D---- C:\Windows\Logs
2012-10-16 10:03:42 ----HD---- C:\ProgramData
2012-10-15 19:36:58 ----D---- C:\Windows\Microsoft.NET
2012-10-15 19:36:27 ----RSD---- C:\Windows\assembly
2012-10-15 18:40:16 ----SD---- C:\Users\Daveing\AppData\Roaming\Microsoft
2012-10-15 18:40:16 ----SD---- C:\ProgramData\Microsoft
2012-10-15 18:23:13 ----D---- C:\Windows\winsxs
2012-10-15 18:15:11 ----D---- C:\Program Files\Common Files
2012-10-15 18:13:03 ----D---- C:\Program Files\MSBuild
2012-10-15 18:11:23 ----D---- C:\Program Files\Common Files\microsoft shared
2012-10-15 17:01:51 ----D---- C:\Windows\system32\en-US
2012-10-15 16:56:01 ----D---- C:\ProgramData\Comodo
2012-10-15 15:00:20 ----D---- C:\Windows\system32\catroot
2012-10-15 14:59:26 ----D---- C:\Windows\SoftwareDistribution
2012-10-14 14:25:01 ----D---- C:\Program Files\Rockstar Games
2012-10-13 11:43:01 ----D---- C:\Windows\debug
2012-10-12 18:26:53 ----D---- C:\Windows\rescache
2012-10-12 16:34:43 ----D---- C:\Windows\system32\catroot2
2012-10-10 14:53:06 ----SD---- C:\ComboFix
2012-10-10 14:53:06 ----D---- C:\Windows\Tasks
2012-10-10 08:09:03 ----D---- C:\Windows\system32\drivers
2012-10-10 07:58:41 ----A---- C:\Windows\system32\MRT.exe
2012-10-09 19:13:41 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-10-05 01:51:40 ----SHD---- C:\System Volume Information
2012-10-03 16:33:33 ----D---- C:\Windows\ShellNew
2012-09-30 21:21:48 ----D---- C:\ProgramData\Adobe
2012-09-30 18:11:34 ----D---- C:\Windows\system32\Tasks
2012-09-30 16:36:00 ----D---- C:\Windows\system32\appmgmt
2012-09-25 17:46:34 ----D---- C:\Program Files\CCleaner
2012-09-25 17:44:49 ----D---- C:\Users\Daveing\AppData\Roaming\DAEMON Tools Lite

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2011-03-18 25240]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2012-03-12 19600]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-12 491816]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 LenovoVCD;LenovoVCD; \??\C:\Program Files\Lenovo\Energy Management\LenovoVCD.sys [2009-02-14 16200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2012-06-19 374648]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-04 242240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-16 2375776]
R3 S3GIGP;S3GIGP; C:\Windows\system32\DRIVERS\VTGKModeDX32.sys [2009-09-18 978944]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-31 1335472]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
R3 vcrdrx32;VIA MSP Cardreader Host Controller; C:\Windows\system32\DRIVERS\vcrdrx32.sys [2009-05-20 92160]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Daveing\AppData\Local\Temp\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 VSPerfDrv110;Performance Tools Driver 11.0; \??\C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys [2012-07-13 55416]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-12 1983232]
R2 S3Funkey;S3Funkey; C:\Program Files\s3graphics\chrome3\s3funkey.svc [2009-09-10 469504]
R2 S3LoadSv;S3LoadSv; C:\Program Files\s3graphics\chrome3\s3loadsv.svc [2009-09-10 417280]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 105048]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2012-05-29 1528672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 133632]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-27 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-11 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Te.Service;Te.Service; C:\Program Files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 94208]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-23 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-09 46528]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139680]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139680]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139680]

-----------------EOF-----------------

a jsou nějaké problémy, nějaký třeba malware, či cokoliv podobného, co by tento test nezjistil?

#4 Příspěvek od **Rudy** » 22 říj 2012 21:57

Log je již OK. Spusťte znovu OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Pak restartujte PC. Pro jistotu proveďte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

daveing · #5 Příspěvek od **daveing** » 26 říj 2012 08:27

Tak jiz jsem upgradoval na Win8, takze tento prispevek muzem ukoncit,dekuji;)
Jen jsem se chtel zeptat, jestli se tu zabyvate i ovladacema a kde je najit a tak, dekuji a preji prijemny den

#6 Příspěvek od **Rudy** » 26 říj 2012 16:37

S ovladači je rada jednoduchá: Podle typu hardwaru a oper. systému hledejte na webu výrobce. Nemáte zač!

VIRY.CZ

Prosím o překontrolování logu,chtěl se mi tam dostat worm:)

Prosím o překontrolování logu,chtěl se mi tam dostat worm:)

Re: Prosím o překontrolování logu,chtěl se mi tam dostat wor

Re: Prosím o překontrolování logu,chtěl se mi tam dostat wor

Re: Prosím o překontrolování logu,chtěl se mi tam dostat wor

Re: Prosím o překontrolování logu,chtěl se mi tam dostat wor

Re: Prosím o překontrolování logu,chtěl se mi tam dostat wor