VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Vyskakovanie okna

https://forum.viry.cz:443/viewtopic.php?t=126105

Stránka 1 z 2

Vyskakovanie okna

Napsal: 26 lis 2012 21:29
od ZelenyPirat
Zdravím, nevedel som kam to dať do ktorej sekcie tak to píšem sem, od doby ako som sa snažil nainštalovať Assassins Creed 3, mi vyskakuje takéto okno hned po zapnutí PC:
Obrázek
Pritom neviem o tom že by som inštaloval nejaký update do toho alebo nejaký nebezpečný program....
Píše tam niečo tom driveri A, ked dam Tento počitač, ukazuje mi tam disketovu mechaniku lenže ja takú v PC ani nemám, a ked na to kliknem spomaly mi celý PC a napíše že "Neodpovída"
Uz mi to robí asi 3-4 deň a začal mi celý PC pracovať pomalšie, je celý zamrznutý a využitie procesora mi píše 100%, RAM 50%

Nevedel by niekto poradiť čo s tým? :(

Re: Vyskakovanie okna

Napsal: 26 lis 2012 22:10
od Rudy
Také zdravím!
Hláška se týká disketové jednotky. Pokud ji v PC nemáte, vstupte do biosu a zakažte ji (diskettte dejte na >not installed<).

Re: Vyskakovanie okna

Napsal: 26 lis 2012 22:34
od ZelenyPirat
Dakujem za odpoved, spravil som, okno nevyskočilo už :) lenže stále mám využitie procesora 100% a počitač pracuje uplne pomaly skúsil som prečistiť cez CCleaner aj cez Eset som preskenoval celý PC tam našlo jeden virus ktory hned aj vymazalo no napriek tomu som nejaké zrychlenie nezaznamenal...predtým mi to však nerobilo...hodiť nejaký log alebo niečo podobné?

Re: Vyskakovanie okna

Napsal: 26 lis 2012 23:09
od Rudy
Dejte log RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .

Re: Vyskakovanie okna

Napsal: 27 lis 2012 17:29
od ZelenyPirat
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jano at 2012-11-27 17:27:40
Microsoft Windows 7 Home Premium
System drive C: has 16 GB (10%) free of 153 GB
Total RAM: 4094 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:27:44, on 27. 11. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\trend micro\Jano.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... B1A399FB11}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... B1A399FB11}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=vsl&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BrowserPlugin - {1C749E08-6B62-11E0-B6DA-075F4824019B} - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll (file missing)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S460A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [RGSC] D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jano\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Windows Explorer] C:\Users\Jano\msdata\iexplorer.exe
O4 - HKCU\..\Run: [IRC] C:\Users\Jano\.filestore\Documents\Windows\ircserver.exe
O4 - HKCU\..\Run: [Win Update] C:\Users\Jano\AppData\Roaming\Win Update.exe
O4 - HKCU\..\Run: [DLLService] C:\Users\Jano\.filestore\Documents\Windows\igfxservice.exe
O4 - HKCU\..\Run: [CommandUtilities] C:\Users\Jano\.filestore\Documents\Windows\svuhost.exe
O4 - HKCU\..\Run: [WindowsDefender] C:\Users\Jano\.filestore\Documents\Windows\firewall.exe
O4 - HKCU\..\Run: [WindowsWorker] C:\Users\Jano\.filestore\Documents\Windows\winworker.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17232 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {C439D219-63C0-48A2-A5EF-D853BB7AADC8}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2624
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a4edd1c5-9024-4710-8c06-c8bd6ab5770d -SystemEventPortName:HostProcess-8e0e2609-8226-4bce-a3d2-e530a7e763f5 -IoCancelEventPortName:HostProcess-b5270401-051d-44ab-a66a-78e85f3c4373 -NonStateChangingEventPortName:HostProcess-e790198a-5b87-4c56-bf3e-0fc59c92e80f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b1a9995b-3934-4d0a-8bc8-647970fd1919 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Jano\msdata\explorer.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe"
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe" --type=gpu-process --channel="5192.1.620900378\1233204207" --gpu-vendor-id=0x1002 --gpu-device-id=0x68b8 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.10.8.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="5192.2.185138913\825962062" /prefetch:3
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="5192.3.367869939\1272940342" /prefetch:3
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="5192.4.906239774\116025775" /prefetch:3
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="5192.5.1909646834\1854025530" /prefetch:3
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe" --type=plugin --plugin-path="C:\Users\Jano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.123.1_0\McChPlg.dll" --lang=sk --channel="5192.6.1239130922\989394207" /prefetch:4
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe" --type=plugin --plugin-path="C:\Users\Jano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll" --lang=sk --channel="5192.7.1155976916\214965161" /prefetch:4
taskeng.exe {C275F966-167F-44AF-A06B-BC6ED9289EDD}
"C:\Users\Jano\AppData\Local\Google\Chrome\Application\old_chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/0/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="5192.8.1632097805\8708953" /prefetch:3
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HydraDM64.exe -h:328296 "Maximize to full desktop" "Maximize to window corners" "Restore desktop"
"C:\Users\Jano\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Epson Printer Software Downloader.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2858087475-1341382447-2249875837-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2858087475-1341382447-2249875837-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-10-17 322856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C749E08-6B62-11E0-B6DA-075F4824019B}]
BrowserPlugin - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll [2010-10-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-10-17 262080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-10-17 322856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-10-17 262080]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-18 8067616]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"EPSON SX510W Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE [2008-11-20 223232]
"RGSC"=D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Google Update"=C:\Users\Jano\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 136176]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-09-12 445624]
"Windows Explorer"=C:\Users\Jano\msdata\iexplorer.exe [2012-11-22 56832]
"IRC"=C:\Users\Jano\.filestore\Documents\Windows\ircserver.exe [2012-11-22 56832]
"Win Update"=C:\Users\Jano\AppData\Roaming\Win Update.exe [2012-11-24 837632]
"DLLService"=C:\Users\Jano\.filestore\Documents\Windows\igfxservice.exe [2012-11-24 43520]
"CommandUtilities"=C:\Users\Jano\.filestore\Documents\Windows\svuhost.exe [2012-11-25 43520]
"WindowsDefender"=C:\Users\Jano\.filestore\Documents\Windows\firewall.exe [2012-11-26 43520]
"WindowsWorker"=C:\Users\Jano\.filestore\Documents\Windows\winworker.exe [2012-11-26 43520]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2009-11-04 380928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"EEventManager"=C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"facemoods"=C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe [2010-10-26 323584]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-12 642216]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-11-19 2254768]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-27 17:08:58 ----D---- C:\rsit
2012-11-27 17:08:58 ----D---- C:\Program Files\trend micro
2012-11-24 21:26:54 ----RASH---- C:\Users\Jano\AppData\Roaming\Win Update.exe
2012-11-24 18:11:57 ----D---- C:\Users\Jano\AppData\Roaming\HEWGBhyj HJERe
2012-11-21 21:23:53 ----D---- C:\Users\Jano\AppData\Roaming\Theta
2012-11-20 15:12:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-19 19:31:20 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-11-16 18:08:57 ----D---- C:\Program Files (x86)\Activision
2012-11-16 14:56:06 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-16 14:56:05 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-16 14:56:05 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-16 14:52:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-16 14:52:07 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-16 14:52:06 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-16 14:52:06 ----A---- C:\Windows\system32\ieui.dll
2012-11-16 14:52:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-16 14:52:05 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-16 14:52:05 ----A---- C:\Windows\system32\urlmon.dll
2012-11-16 14:52:05 ----A---- C:\Windows\system32\url.dll
2012-11-16 14:52:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-16 14:52:04 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-16 14:52:04 ----A---- C:\Windows\system32\jscript9.dll
2012-11-16 14:52:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-16 14:52:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-16 14:52:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\wininet.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\vbscript.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\jscript.dll
2012-11-16 14:52:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-16 14:52:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-16 14:52:01 ----A---- C:\Windows\system32\iertutil.dll
2012-11-16 14:51:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-16 14:51:56 ----A---- C:\Windows\system32\mshtml.dll
2012-11-16 14:51:55 ----A---- C:\Windows\system32\ieframe.dll
2012-11-16 14:51:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-16 14:51:24 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-16 14:01:10 ----A---- C:\Windows\system32\win32k.sys
2012-11-16 14:00:52 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-16 14:00:52 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 23:31:41 ----D---- C:\ProgramData\ATI
2012-11-15 23:31:40 ----D---- C:\Program Files (x86)\AMD AVT
2012-11-15 23:31:31 ----D---- C:\Program Files (x86)\AMD APP
2012-11-12 21:52:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2012-11-12 21:50:08 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2012-11-12 21:36:32 ----A---- C:\Windows\system32\atio6axx.dll
2012-11-12 21:29:22 ----A---- C:\Windows\system32\coinst_9.01.8.dll
2012-11-12 21:27:14 ----A---- C:\Windows\system32\atiapfxx.exe
2012-11-12 21:25:50 ----A---- C:\Windows\system32\aticalrt64.dll
2012-11-12 21:25:48 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2012-11-12 21:25:40 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2012-11-12 21:25:40 ----A---- C:\Windows\system32\aticalcl64.dll
2012-11-12 21:25:28 ----A---- C:\Windows\system32\aticaldd64.dll
2012-11-12 21:21:10 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2012-11-12 21:19:00 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2012-11-12 21:18:54 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2012-11-12 21:14:48 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2012-11-12 21:04:50 ----A---- C:\Windows\system32\atidemgy.dll
2012-11-12 21:04:42 ----A---- C:\Windows\system32\atieclxx.exe
2012-11-12 21:03:54 ----A---- C:\Windows\system32\atiesrxx.exe
2012-11-12 21:02:32 ----A---- C:\Windows\system32\atitmm64.dll
2012-11-12 21:02:18 ----A---- C:\Windows\system32\atimuixx.dll
2012-11-12 21:02:14 ----A---- C:\Windows\system32\atiedu64.dll
2012-11-12 21:02:08 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2012-11-12 21:00:22 ----A---- C:\Windows\system32\atiumd6a.dll
2012-11-12 20:52:02 ----A---- C:\Windows\system32\atiumd64.dll
2012-11-12 20:49:48 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2012-11-12 20:41:22 ----A---- C:\Windows\system32\atiadlxx.dll
2012-11-12 20:41:12 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2012-11-12 20:41:00 ----A---- C:\Windows\system32\atig6pxx.dll
2012-11-12 20:40:56 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2012-11-12 20:40:56 ----A---- C:\Windows\system32\atiglpxx.dll
2012-11-12 20:40:52 ----A---- C:\Windows\system32\atig6txx.dll
2012-11-12 20:40:44 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2012-11-12 20:40:36 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2012-11-12 20:40:14 ----A---- C:\Windows\system32\atimpc64.dll
2012-11-12 20:40:14 ----A---- C:\Windows\system32\amdpcom64.dll
2012-11-12 20:40:06 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2012-11-12 20:40:06 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2012-11-12 20:38:58 ----A---- C:\Windows\system32\atiuxp64.dll
2012-11-12 20:38:50 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2012-11-12 20:38:42 ----A---- C:\Windows\system32\atiu9p64.dll
2012-11-12 20:38:34 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2012-11-12 20:37:10 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2012-11-12 15:46:54 ----A---- C:\Windows\system32\clinfo.exe
2012-11-12 15:46:36 ----A---- C:\Windows\system32\OpenVideo64.dll
2012-11-12 15:46:32 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2012-11-12 15:46:26 ----A---- C:\Windows\system32\OVDecode64.dll
2012-11-12 15:46:24 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2012-11-12 15:46:14 ----A---- C:\Windows\system32\amdocl64.dll
2012-11-12 15:41:32 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2012-11-12 15:37:28 ----A---- C:\Windows\system32\OpenCL.dll
2012-11-12 15:37:26 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2012-10-31 16:48:48 ----D---- C:\Program Files (x86)\Gophoto.it
2012-10-31 16:48:21 ----D---- C:\ProgramData\SweetIM
2012-10-31 16:48:21 ----D---- C:\Program Files (x86)\SweetIM
2012-10-31 16:47:51 ----D---- C:\Users\Jano\AppData\Roaming\Mozilla
2012-10-31 16:47:49 ----D---- C:\Program Files (x86)\OnlineHD.TV
2012-10-30 12:39:47 ----D---- C:\ProgramData\Origin
2012-10-29 16:32:37 ----D---- C:\Program Files (x86)\Medal of Honor Warfighter

======List of files/folders modified in the last 1 month======

2012-11-27 17:25:13 ----D---- C:\Windows\Temp
2012-11-27 17:25:13 ----D---- C:\Windows\system32\config
2012-11-27 17:08:58 ----RD---- C:\Program Files
2012-11-27 17:04:49 ----D---- C:\Windows
2012-11-26 22:30:27 ----D---- C:\Windows\system32\catroot2
2012-11-26 19:07:49 ----SHD---- C:\Windows\Installer
2012-11-25 15:19:46 ----D---- C:\Windows\System32
2012-11-25 15:19:46 ----D---- C:\Windows\inf
2012-11-25 15:19:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-25 11:29:03 ----D---- C:\Windows\debug
2012-11-23 18:46:19 ----D---- C:\Windows\system32\catroot
2012-11-23 18:46:18 ----D---- C:\Windows\system32\DriverStore
2012-11-23 18:46:10 ----SHD---- C:\System Volume Information
2012-11-23 18:45:36 ----D---- C:\ProgramData\Sony Ericsson
2012-11-23 18:45:28 ----D---- C:\Program Files (x86)\Sony Ericsson
2012-11-22 21:25:50 ----D---- C:\Windows\Prefetch
2012-11-21 23:15:53 ----RD---- C:\Program Files (x86)
2012-11-21 23:15:53 ----HD---- C:\Config.Msi
2012-11-21 18:23:40 ----D---- C:\Windows\Logs
2012-11-21 15:31:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-21 15:31:05 ----D---- C:\Windows\SoftwareDistribution
2012-11-21 15:31:02 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-11-21 15:31:01 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-11-21 15:29:55 ----RSD---- C:\Windows\assembly
2012-11-20 19:22:11 ----D---- C:\Windows\rescache
2012-11-20 15:26:05 ----D---- C:\Windows\Microsoft.NET
2012-11-17 10:26:56 ----D---- C:\Program Files (x86)\Common Files
2012-11-16 23:16:12 ----D---- C:\Users\Jano\AppData\Roaming\Skype
2012-11-16 15:34:59 ----D---- C:\Windows\winsxs
2012-11-16 15:32:53 ----D---- C:\Windows\system32\en-US
2012-11-16 15:32:53 ----D---- C:\Windows\system32\drivers\en-US
2012-11-16 15:32:52 ----D---- C:\Windows\SYSWOW64\migration
2012-11-16 15:32:52 ----D---- C:\Windows\SysWOW64
2012-11-16 15:32:52 ----D---- C:\Windows\system32\wbem
2012-11-16 15:32:52 ----D---- C:\Windows\system32\migration
2012-11-16 15:32:52 ----D---- C:\Windows\system32\drivers
2012-11-16 15:32:52 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-16 15:32:51 ----D---- C:\Windows\system32\sk-SK
2012-11-16 15:32:51 ----D---- C:\Program Files\Internet Explorer
2012-11-16 15:32:50 ----RSD---- C:\Windows\Fonts
2012-11-16 14:58:47 ----D---- C:\ProgramData\Microsoft Help
2012-11-16 13:55:34 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 23:32:24 ----D---- C:\AMD
2012-11-15 23:31:41 ----HD---- C:\ProgramData
2012-11-15 23:31:40 ----D---- C:\ProgramData\AMD
2012-11-15 23:31:08 ----D---- C:\Program Files\ATI Technologies
2012-11-15 23:25:41 ----D---- C:\Program Files (x86)\ATI Technologies
2012-11-14 23:02:47 ----D---- C:\Program Files (x86)\Sony
2012-11-14 23:00:23 ----AD---- C:\Program Files (x86)\Jetbull Poker
2012-11-14 23:00:08 ----D---- C:\Program Files (x86)\Full Tilt Poker.Net
2012-11-12 21:16:58 ----A---- C:\Windows\system32\aticfx64.dll
2012-11-12 20:56:44 ----A---- C:\Windows\system32\atidxx64.dll
2012-11-06 15:06:36 ----D---- C:\Program Files (x86)\McAfee
2012-11-02 14:30:18 ----D---- C:\Users\Jano\AppData\Roaming\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-05 834544]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-12 11270656]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-12 546304]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-11-27 25640]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-18 1983264]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-07-17 201472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-30 236544]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S3 a5fmgcd2;a5fmgcd2; C:\Windows\system32\drivers\a5fmgcd2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-12 11270656]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-12 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-12 361984]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-10-23 103472]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-21 75136]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-16 654848]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-05 1255736]

-----------------EOF-----------------

Re: Vyskakovanie okna

Napsal: 27 lis 2012 19:41
od Rudy
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Vyskakovanie okna

Napsal: 27 lis 2012 20:49
od ZelenyPirat
# AdwCleaner v2.009 - Logfile created 11/27/2012 at 20:48:48
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Jano - JANO-PC
# Boot Mode : Normal
# Running from : C:\Users\Jano\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\facemoods.com
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\Jano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Found : C:\Users\Jano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Folder Found : C:\Users\Jano\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Jano\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Jano\AppData\LocalLow\SweetIM

***** [Registry] *****

Key Found : HKCU\Software\facemoods.com
Key Found : HKCU\Software\GamePlayLabs
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Zugo
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\BHO.BrowserPlugin
Key Found : HKLM\SOFTWARE\Classes\BHO.BrowserPlugin.1
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Found : HKLM\Software\facemoods.com
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Found : HKU\S-1-5-21-2858087475-1341382447-2249875837-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [facemoods]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={A45D7943-E17B-4CEB-A7BC-CCB1A399FB11}
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page Restore] = hxxp://start.facemoods.com/?a=vsl
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=vsl&s={searchTerms}&f=4
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={A45D7943-E17B-4CEB-A7BC-CCB1A399FB11}

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Jano\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.52.1100.0

File : C:\Users\Jano\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5812 octets] - [27/11/2012 20:48:48]

########## EOF - C:\AdwCleaner[R1].txt - [5872 octets] ##########

Re: Vyskakovanie okna

Napsal: 27 lis 2012 21:05
od Rudy
Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.

Re: Vyskakovanie okna

Napsal: 27 lis 2012 21:13
od ZelenyPirat
# AdwCleaner v2.009 - Logfile created 11/27/2012 at 21:10:30
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Jano - JANO-PC
# Boot Mode : Normal
# Running from : C:\Users\Jano\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Jano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Folder Deleted : C:\Users\Jano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Folder Deleted : C:\Users\Jano\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Jano\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Jano\AppData\LocalLow\SweetIM

***** [Registry] *****

Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\GamePlayLabs
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\BHO.BrowserPlugin
Key Deleted : HKLM\SOFTWARE\Classes\BHO.BrowserPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\Software\facemoods.com
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [facemoods]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={A45D7943-E17B-4CEB-A7BC-CCB1A399FB11} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page Restore] = hxxp://start.facemoods.com/?a=vsl --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=vsl&s={searchTerms}&f=4 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={A45D7943-E17B-4CEB-A7BC-CCB1A399FB11} --> hxxp://www.google.com

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Jano\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.52.1100.0

File : C:\Users\Jano\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5935 octets] - [27/11/2012 20:48:48]
AdwCleaner[S1].txt - [5998 octets] - [27/11/2012 21:10:30]

########## EOF - C:\AdwCleaner[S1].txt - [6058 octets] ##########

Re: Vyskakovanie okna

Napsal: 27 lis 2012 21:56
od Rudy
Dejte nový log RSIT.

Re: Vyskakovanie okna

Napsal: 27 lis 2012 22:00
od ZelenyPirat
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jano at 2012-11-27 21:59:53
Microsoft Windows 7 Home Premium
System drive C: has 16 GB (11%) free of 153 GB
Total RAM: 4094 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:59:57, on 27. 11. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Jano\.filestore\Documents\Windows\msnotepad.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\trend micro\Jano.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BrowserPlugin - {1C749E08-6B62-11E0-B6DA-075F4824019B} - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll (file missing)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S460A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [RGSC] D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jano\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Windows Explorer] C:\Users\Jano\msdata\iexplorer.exe
O4 - HKCU\..\Run: [IRC] C:\Users\Jano\.filestore\Documents\Windows\ircserver.exe
O4 - HKCU\..\Run: [Win Update] C:\Users\Jano\AppData\Roaming\Win Update.exe
O4 - HKCU\..\Run: [DLLService] C:\Users\Jano\.filestore\Documents\Windows\igfxservice.exe
O4 - HKCU\..\Run: [CommandUtilities] C:\Users\Jano\.filestore\Documents\Windows\svuhost.exe
O4 - HKCU\..\Run: [WindowsDefender] C:\Users\Jano\.filestore\Documents\Windows\firewall.exe
O4 - HKCU\..\Run: [WindowsWorker] C:\Users\Jano\.filestore\Documents\Windows\winworker.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15722 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {624ACECC-AFE1-4F34-ABB1-CAE17ECA024D}
"C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2396
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6f916127-b010-4c73-bcff-4b0c95a0b559 -SystemEventPortName:HostProcess-26f15cad-cbae-4c09-909f-485d539c828d -IoCancelEventPortName:HostProcess-0db96351-a796-4d33-89be-ed3208fbf878 -NonStateChangingEventPortName:HostProcess-845aaf37-fe49-4d38-8b34-781e43c58dfd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a2e5b95f-776b-4f46-bfad-8f55953cf768 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Users\Jano\msdata\explorer.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Users\Jano\.filestore\Documents\Windows\msnotepad.exe" -t 2 -o http://shubhank_worker2:plawasthi@us2.e ... c.com:8337
\??\C:\Windows\system32\conhost.exe "-433740592209901936809673830914548252139910839614549590701574608797836049401
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jano\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Epson Printer Software Downloader.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2858087475-1341382447-2249875837-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2858087475-1341382447-2249875837-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-10-17 322856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C749E08-6B62-11E0-B6DA-075F4824019B}]
BrowserPlugin - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-10-17 262080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-10-17 322856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll []
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-10-17 262080]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-18 8067616]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"EPSON SX510W Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE [2008-11-20 223232]
"RGSC"=D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Google Update"=C:\Users\Jano\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 136176]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-09-12 445624]
"Windows Explorer"=C:\Users\Jano\msdata\iexplorer.exe [2012-11-22 56832]
"IRC"=C:\Users\Jano\.filestore\Documents\Windows\ircserver.exe [2012-11-22 56832]
"Win Update"=C:\Users\Jano\AppData\Roaming\Win Update.exe [2012-11-24 837632]
"DLLService"=C:\Users\Jano\.filestore\Documents\Windows\igfxservice.exe [2012-11-24 43520]
"CommandUtilities"=C:\Users\Jano\.filestore\Documents\Windows\svuhost.exe [2012-11-25 43520]
"WindowsDefender"=C:\Users\Jano\.filestore\Documents\Windows\firewall.exe [2012-11-26 43520]
"WindowsWorker"=C:\Users\Jano\.filestore\Documents\Windows\winworker.exe [2012-11-26 43520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"EEventManager"=C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-12 642216]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-11-19 2254768]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-27 21:10:30 ----A---- C:\AdwCleaner[S1].txt
2012-11-27 20:48:48 ----A---- C:\AdwCleaner[R1].txt
2012-11-27 17:08:58 ----D---- C:\rsit
2012-11-27 17:08:58 ----D---- C:\Program Files\trend micro
2012-11-24 21:26:54 ----RASH---- C:\Users\Jano\AppData\Roaming\Win Update.exe
2012-11-24 18:11:57 ----D---- C:\Users\Jano\AppData\Roaming\HEWGBhyj HJERe
2012-11-21 21:23:53 ----D---- C:\Users\Jano\AppData\Roaming\Theta
2012-11-20 15:12:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-19 19:31:20 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-11-16 18:08:57 ----D---- C:\Program Files (x86)\Activision
2012-11-16 14:56:06 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-16 14:56:05 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-16 14:56:05 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-16 14:52:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-16 14:52:07 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-16 14:52:06 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-16 14:52:06 ----A---- C:\Windows\system32\ieui.dll
2012-11-16 14:52:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-16 14:52:05 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-16 14:52:05 ----A---- C:\Windows\system32\urlmon.dll
2012-11-16 14:52:05 ----A---- C:\Windows\system32\url.dll
2012-11-16 14:52:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-16 14:52:04 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-16 14:52:04 ----A---- C:\Windows\system32\jscript9.dll
2012-11-16 14:52:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-16 14:52:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-16 14:52:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\wininet.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\vbscript.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\jscript.dll
2012-11-16 14:52:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-16 14:52:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-16 14:52:01 ----A---- C:\Windows\system32\iertutil.dll
2012-11-16 14:51:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-16 14:51:56 ----A---- C:\Windows\system32\mshtml.dll
2012-11-16 14:51:55 ----A---- C:\Windows\system32\ieframe.dll
2012-11-16 14:51:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-16 14:51:24 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-16 14:01:10 ----A---- C:\Windows\system32\win32k.sys
2012-11-16 14:00:52 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-16 14:00:52 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 23:31:41 ----D---- C:\ProgramData\ATI
2012-11-15 23:31:40 ----D---- C:\Program Files (x86)\AMD AVT
2012-11-15 23:31:31 ----D---- C:\Program Files (x86)\AMD APP
2012-11-12 21:52:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2012-11-12 21:50:08 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2012-11-12 21:36:32 ----A---- C:\Windows\system32\atio6axx.dll
2012-11-12 21:29:22 ----A---- C:\Windows\system32\coinst_9.01.8.dll
2012-11-12 21:27:14 ----A---- C:\Windows\system32\atiapfxx.exe
2012-11-12 21:25:50 ----A---- C:\Windows\system32\aticalrt64.dll
2012-11-12 21:25:48 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2012-11-12 21:25:40 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2012-11-12 21:25:40 ----A---- C:\Windows\system32\aticalcl64.dll
2012-11-12 21:25:28 ----A---- C:\Windows\system32\aticaldd64.dll
2012-11-12 21:21:10 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2012-11-12 21:19:00 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2012-11-12 21:18:54 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2012-11-12 21:14:48 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2012-11-12 21:04:50 ----A---- C:\Windows\system32\atidemgy.dll
2012-11-12 21:04:42 ----A---- C:\Windows\system32\atieclxx.exe
2012-11-12 21:03:54 ----A---- C:\Windows\system32\atiesrxx.exe
2012-11-12 21:02:32 ----A---- C:\Windows\system32\atitmm64.dll
2012-11-12 21:02:18 ----A---- C:\Windows\system32\atimuixx.dll
2012-11-12 21:02:14 ----A---- C:\Windows\system32\atiedu64.dll
2012-11-12 21:02:08 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2012-11-12 21:00:22 ----A---- C:\Windows\system32\atiumd6a.dll
2012-11-12 20:52:02 ----A---- C:\Windows\system32\atiumd64.dll
2012-11-12 20:49:48 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2012-11-12 20:41:22 ----A---- C:\Windows\system32\atiadlxx.dll
2012-11-12 20:41:12 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2012-11-12 20:41:00 ----A---- C:\Windows\system32\atig6pxx.dll
2012-11-12 20:40:56 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2012-11-12 20:40:56 ----A---- C:\Windows\system32\atiglpxx.dll
2012-11-12 20:40:52 ----A---- C:\Windows\system32\atig6txx.dll
2012-11-12 20:40:44 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2012-11-12 20:40:36 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2012-11-12 20:40:14 ----A---- C:\Windows\system32\atimpc64.dll
2012-11-12 20:40:14 ----A---- C:\Windows\system32\amdpcom64.dll
2012-11-12 20:40:06 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2012-11-12 20:40:06 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2012-11-12 20:38:58 ----A---- C:\Windows\system32\atiuxp64.dll
2012-11-12 20:38:50 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2012-11-12 20:38:42 ----A---- C:\Windows\system32\atiu9p64.dll
2012-11-12 20:38:34 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2012-11-12 20:37:10 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2012-11-12 15:46:54 ----A---- C:\Windows\system32\clinfo.exe
2012-11-12 15:46:36 ----A---- C:\Windows\system32\OpenVideo64.dll
2012-11-12 15:46:32 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2012-11-12 15:46:26 ----A---- C:\Windows\system32\OVDecode64.dll
2012-11-12 15:46:24 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2012-11-12 15:46:14 ----A---- C:\Windows\system32\amdocl64.dll
2012-11-12 15:41:32 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2012-11-12 15:37:28 ----A---- C:\Windows\system32\OpenCL.dll
2012-11-12 15:37:26 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2012-10-31 16:48:48 ----D---- C:\Program Files (x86)\Gophoto.it
2012-10-31 16:47:51 ----D---- C:\Users\Jano\AppData\Roaming\Mozilla
2012-10-31 16:47:49 ----D---- C:\Program Files (x86)\OnlineHD.TV
2012-10-30 12:39:47 ----D---- C:\ProgramData\Origin
2012-10-29 16:32:37 ----D---- C:\Program Files (x86)\Medal of Honor Warfighter

======List of files/folders modified in the last 1 month======

2012-11-27 21:59:51 ----D---- C:\Windows\Temp
2012-11-27 21:40:47 ----D---- C:\Windows\system32\config
2012-11-27 21:11:50 ----RD---- C:\Program Files (x86)
2012-11-27 21:11:50 ----D---- C:\Windows
2012-11-27 21:10:30 ----HD---- C:\ProgramData
2012-11-27 17:29:59 ----SHD---- C:\System Volume Information
2012-11-27 17:08:58 ----RD---- C:\Program Files
2012-11-26 22:30:27 ----D---- C:\Windows\system32\catroot2
2012-11-26 19:07:49 ----SHD---- C:\Windows\Installer
2012-11-25 15:19:46 ----D---- C:\Windows\System32
2012-11-25 15:19:46 ----D---- C:\Windows\inf
2012-11-25 15:19:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-25 11:29:03 ----D---- C:\Windows\debug
2012-11-23 18:46:19 ----D---- C:\Windows\system32\catroot
2012-11-23 18:46:18 ----D---- C:\Windows\system32\DriverStore
2012-11-23 18:45:36 ----D---- C:\ProgramData\Sony Ericsson
2012-11-23 18:45:28 ----D---- C:\Program Files (x86)\Sony Ericsson
2012-11-22 21:25:50 ----D---- C:\Windows\Prefetch
2012-11-21 23:15:53 ----HD---- C:\Config.Msi
2012-11-21 18:23:40 ----D---- C:\Windows\Logs
2012-11-21 15:31:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-21 15:31:05 ----D---- C:\Windows\SoftwareDistribution
2012-11-21 15:31:02 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-11-21 15:31:01 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-11-21 15:29:55 ----RSD---- C:\Windows\assembly
2012-11-20 19:22:11 ----D---- C:\Windows\rescache
2012-11-20 15:26:05 ----D---- C:\Windows\Microsoft.NET
2012-11-17 10:26:56 ----D---- C:\Program Files (x86)\Common Files
2012-11-16 23:16:12 ----D---- C:\Users\Jano\AppData\Roaming\Skype
2012-11-16 15:34:59 ----D---- C:\Windows\winsxs
2012-11-16 15:32:53 ----D---- C:\Windows\system32\en-US
2012-11-16 15:32:53 ----D---- C:\Windows\system32\drivers\en-US
2012-11-16 15:32:52 ----D---- C:\Windows\SYSWOW64\migration
2012-11-16 15:32:52 ----D---- C:\Windows\SysWOW64
2012-11-16 15:32:52 ----D---- C:\Windows\system32\wbem
2012-11-16 15:32:52 ----D---- C:\Windows\system32\migration
2012-11-16 15:32:52 ----D---- C:\Windows\system32\drivers
2012-11-16 15:32:52 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-16 15:32:51 ----D---- C:\Windows\system32\sk-SK
2012-11-16 15:32:51 ----D---- C:\Program Files\Internet Explorer
2012-11-16 15:32:50 ----RSD---- C:\Windows\Fonts
2012-11-16 14:58:47 ----D---- C:\ProgramData\Microsoft Help
2012-11-16 13:55:34 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 23:32:24 ----D---- C:\AMD
2012-11-15 23:31:40 ----D---- C:\ProgramData\AMD
2012-11-15 23:31:08 ----D---- C:\Program Files\ATI Technologies
2012-11-15 23:25:41 ----D---- C:\Program Files (x86)\ATI Technologies
2012-11-14 23:02:47 ----D---- C:\Program Files (x86)\Sony
2012-11-14 23:00:23 ----AD---- C:\Program Files (x86)\Jetbull Poker
2012-11-14 23:00:08 ----D---- C:\Program Files (x86)\Full Tilt Poker.Net
2012-11-12 21:16:58 ----A---- C:\Windows\system32\aticfx64.dll
2012-11-12 20:56:44 ----A---- C:\Windows\system32\atidxx64.dll
2012-11-06 15:06:36 ----D---- C:\Program Files (x86)\McAfee
2012-11-02 14:30:18 ----D---- C:\Users\Jano\AppData\Roaming\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-05 834544]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-12 11270656]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-12 546304]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-11-27 25640]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-18 1983264]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-07-17 201472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-30 236544]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S3 ajafcanh;ajafcanh; C:\Windows\system32\drivers\ajafcanh.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-12 11270656]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-12 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-12 361984]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-10-23 103472]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-21 75136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-16 654848]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-05 1255736]

-----------------EOF-----------------

Re: Vyskakovanie okna

Napsal: 27 lis 2012 22:41
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
C:\Program Files (x86)\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2858087475-1341382447-2249875837-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2858087475-1341382447-2249875837-1001UA.job
C:\Users\Jano\AppData\Local\GamePlayLabs Plugin

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Re: Vyskakovanie okna

Napsal: 28 lis 2012 09:20
od ZelenyPirat
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jano at 2012-11-28 09:19:38
Microsoft Windows 7 Home Premium
System drive C: has 16 GB (11%) free of 153 GB
Total RAM: 4094 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:19:41, on 28. 11. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Jano\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Users\Jano\.filestore\Documents\Windows\msnotepad.exe
C:\Program Files\trend micro\Jano.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BrowserPlugin - {1C749E08-6B62-11E0-B6DA-075F4824019B} - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S460A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [RGSC] D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jano\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Windows Explorer] C:\Users\Jano\msdata\iexplorer.exe
O4 - HKCU\..\Run: [IRC] C:\Users\Jano\.filestore\Documents\Windows\ircserver.exe
O4 - HKCU\..\Run: [Win Update] C:\Users\Jano\AppData\Roaming\Win Update.exe
O4 - HKCU\..\Run: [DLLService] C:\Users\Jano\.filestore\Documents\Windows\igfxservice.exe
O4 - HKCU\..\Run: [CommandUtilities] C:\Users\Jano\.filestore\Documents\Windows\svuhost.exe
O4 - HKCU\..\Run: [WindowsDefender] C:\Users\Jano\.filestore\Documents\Windows\firewall.exe
O4 - HKCU\..\Run: [WindowsWorker] C:\Users\Jano\.filestore\Documents\Windows\winworker.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14544 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {736C42A1-17F3-435D-928B-4007B8C8E03E}
"C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2380
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f1d5004c-fbc6-4cb3-a3a7-f68aa1791440 -SystemEventPortName:HostProcess-72cefd92-b2d8-477d-999d-54693131a0fb -IoCancelEventPortName:HostProcess-cfc3b621-1026-451b-b6f6-0a2d4a4c7e95 -NonStateChangingEventPortName:HostProcess-7f4b1a32-40e9-4196-9b77-a18f654c2521 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:63cfa0f7-d28f-4a5a-8bb7-ae4bef661ffd -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Jano\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Users\Jano\msdata\explorer.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Jano\.filestore\Documents\Windows\msnotepad.exe" -t 2 -o http://shubhank_worker2:plawasthi@us2.e ... c.com:8337
\??\C:\Windows\system32\conhost.exe "-1727303879-1269381413752201663587436906-734129397-2135992806843974569-1867554115
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jano\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Epson Printer Software Downloader.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-10-17 322856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C749E08-6B62-11E0-B6DA-075F4824019B}]
BrowserPlugin - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2012-10-17 262080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2012-10-17 322856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-18 8067616]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"EPSON SX510W Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE [2008-11-20 223232]
"RGSC"=D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Google Update"=C:\Users\Jano\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 136176]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-09-12 445624]
"Windows Explorer"=C:\Users\Jano\msdata\iexplorer.exe [2012-11-22 56832]
"IRC"=C:\Users\Jano\.filestore\Documents\Windows\ircserver.exe [2012-11-22 56832]
"Win Update"=C:\Users\Jano\AppData\Roaming\Win Update.exe [2012-11-24 837632]
"DLLService"=C:\Users\Jano\.filestore\Documents\Windows\igfxservice.exe [2012-11-24 43520]
"CommandUtilities"=C:\Users\Jano\.filestore\Documents\Windows\svuhost.exe [2012-11-25 43520]
"WindowsDefender"=C:\Users\Jano\.filestore\Documents\Windows\firewall.exe [2012-11-26 43520]
"WindowsWorker"=C:\Users\Jano\.filestore\Documents\Windows\winworker.exe [2012-11-26 43520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Hry\Inštalované\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"EEventManager"=C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-12 642216]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-11-19 2254768]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-28 09:17:00 ----D---- C:\_OTM
2012-11-27 21:10:30 ----A---- C:\AdwCleaner[S1].txt
2012-11-27 20:48:48 ----A---- C:\AdwCleaner[R1].txt
2012-11-27 17:08:58 ----D---- C:\rsit
2012-11-27 17:08:58 ----D---- C:\Program Files\trend micro
2012-11-24 21:26:54 ----RASH---- C:\Users\Jano\AppData\Roaming\Win Update.exe
2012-11-24 18:11:57 ----D---- C:\Users\Jano\AppData\Roaming\HEWGBhyj HJERe
2012-11-21 21:23:53 ----D---- C:\Users\Jano\AppData\Roaming\Theta
2012-11-20 15:12:15 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-19 19:31:20 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-11-16 18:08:57 ----D---- C:\Program Files (x86)\Activision
2012-11-16 14:56:06 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-16 14:56:05 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-16 14:56:05 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-16 14:52:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-16 14:52:07 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-16 14:52:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-16 14:52:06 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-16 14:52:06 ----A---- C:\Windows\system32\ieui.dll
2012-11-16 14:52:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-16 14:52:05 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-16 14:52:05 ----A---- C:\Windows\system32\urlmon.dll
2012-11-16 14:52:05 ----A---- C:\Windows\system32\url.dll
2012-11-16 14:52:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-16 14:52:04 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-16 14:52:04 ----A---- C:\Windows\system32\jscript9.dll
2012-11-16 14:52:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-16 14:52:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-16 14:52:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\wininet.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\vbscript.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-16 14:52:02 ----A---- C:\Windows\system32\jscript.dll
2012-11-16 14:52:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-16 14:52:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-16 14:52:01 ----A---- C:\Windows\system32\iertutil.dll
2012-11-16 14:51:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-16 14:51:56 ----A---- C:\Windows\system32\mshtml.dll
2012-11-16 14:51:55 ----A---- C:\Windows\system32\ieframe.dll
2012-11-16 14:51:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-16 14:51:24 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-16 14:51:24 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-16 14:51:23 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-16 14:01:10 ----A---- C:\Windows\system32\win32k.sys
2012-11-16 14:00:52 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-16 14:00:52 ----A---- C:\Windows\system32\synceng.dll
2012-11-15 23:31:41 ----D---- C:\ProgramData\ATI
2012-11-15 23:31:40 ----D---- C:\Program Files (x86)\AMD AVT
2012-11-15 23:31:31 ----D---- C:\Program Files (x86)\AMD APP
2012-11-12 21:52:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2012-11-12 21:50:08 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2012-11-12 21:36:32 ----A---- C:\Windows\system32\atio6axx.dll
2012-11-12 21:29:22 ----A---- C:\Windows\system32\coinst_9.01.8.dll
2012-11-12 21:27:14 ----A---- C:\Windows\system32\atiapfxx.exe
2012-11-12 21:25:50 ----A---- C:\Windows\system32\aticalrt64.dll
2012-11-12 21:25:48 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2012-11-12 21:25:40 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2012-11-12 21:25:40 ----A---- C:\Windows\system32\aticalcl64.dll
2012-11-12 21:25:28 ----A---- C:\Windows\system32\aticaldd64.dll
2012-11-12 21:21:10 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2012-11-12 21:19:00 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2012-11-12 21:18:54 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2012-11-12 21:14:48 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2012-11-12 21:04:50 ----A---- C:\Windows\system32\atidemgy.dll
2012-11-12 21:04:42 ----A---- C:\Windows\system32\atieclxx.exe
2012-11-12 21:03:54 ----A---- C:\Windows\system32\atiesrxx.exe
2012-11-12 21:02:32 ----A---- C:\Windows\system32\atitmm64.dll
2012-11-12 21:02:18 ----A---- C:\Windows\system32\atimuixx.dll
2012-11-12 21:02:14 ----A---- C:\Windows\system32\atiedu64.dll
2012-11-12 21:02:08 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2012-11-12 21:00:22 ----A---- C:\Windows\system32\atiumd6a.dll
2012-11-12 20:52:02 ----A---- C:\Windows\system32\atiumd64.dll
2012-11-12 20:49:48 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2012-11-12 20:41:22 ----A---- C:\Windows\system32\atiadlxx.dll
2012-11-12 20:41:12 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2012-11-12 20:41:00 ----A---- C:\Windows\system32\atig6pxx.dll
2012-11-12 20:40:56 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2012-11-12 20:40:56 ----A---- C:\Windows\system32\atiglpxx.dll
2012-11-12 20:40:52 ----A---- C:\Windows\system32\atig6txx.dll
2012-11-12 20:40:44 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2012-11-12 20:40:36 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2012-11-12 20:40:14 ----A---- C:\Windows\system32\atimpc64.dll
2012-11-12 20:40:14 ----A---- C:\Windows\system32\amdpcom64.dll
2012-11-12 20:40:06 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2012-11-12 20:40:06 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2012-11-12 20:38:58 ----A---- C:\Windows\system32\atiuxp64.dll
2012-11-12 20:38:50 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2012-11-12 20:38:42 ----A---- C:\Windows\system32\atiu9p64.dll
2012-11-12 20:38:34 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2012-11-12 20:37:10 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2012-11-12 15:46:54 ----A---- C:\Windows\system32\clinfo.exe
2012-11-12 15:46:36 ----A---- C:\Windows\system32\OpenVideo64.dll
2012-11-12 15:46:32 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2012-11-12 15:46:26 ----A---- C:\Windows\system32\OVDecode64.dll
2012-11-12 15:46:24 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2012-11-12 15:46:14 ----A---- C:\Windows\system32\amdocl64.dll
2012-11-12 15:41:32 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2012-11-12 15:37:28 ----A---- C:\Windows\system32\OpenCL.dll
2012-11-12 15:37:26 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2012-10-31 16:48:48 ----D---- C:\Program Files (x86)\Gophoto.it
2012-10-31 16:47:51 ----D---- C:\Users\Jano\AppData\Roaming\Mozilla
2012-10-31 16:47:49 ----D---- C:\Program Files (x86)\OnlineHD.TV
2012-10-30 12:39:47 ----D---- C:\ProgramData\Origin
2012-10-29 16:32:37 ----D---- C:\Program Files (x86)\Medal of Honor Warfighter

======List of files/folders modified in the last 1 month======

2012-11-28 09:17:24 ----D---- C:\Windows\system32\config
2012-11-28 09:17:23 ----D---- C:\Windows\Temp
2012-11-28 09:17:18 ----D---- C:\Windows\SysWOW64
2012-11-28 09:17:18 ----D---- C:\Windows\System32
2012-11-28 09:17:18 ----D---- C:\Windows
2012-11-28 09:17:01 ----RD---- C:\Program Files (x86)\Skype
2012-11-28 09:17:01 ----D---- C:\Windows\Tasks
2012-11-27 21:11:50 ----RD---- C:\Program Files (x86)
2012-11-27 21:10:30 ----HD---- C:\ProgramData
2012-11-27 17:29:59 ----SHD---- C:\System Volume Information
2012-11-27 17:08:58 ----RD---- C:\Program Files
2012-11-26 22:30:27 ----D---- C:\Windows\system32\catroot2
2012-11-26 19:07:49 ----SHD---- C:\Windows\Installer
2012-11-25 15:19:46 ----D---- C:\Windows\inf
2012-11-25 15:19:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-25 11:29:03 ----D---- C:\Windows\debug
2012-11-23 18:46:19 ----D---- C:\Windows\system32\catroot
2012-11-23 18:46:18 ----D---- C:\Windows\system32\DriverStore
2012-11-23 18:45:36 ----D---- C:\ProgramData\Sony Ericsson
2012-11-23 18:45:28 ----D---- C:\Program Files (x86)\Sony Ericsson
2012-11-22 21:25:50 ----D---- C:\Windows\Prefetch
2012-11-21 23:15:53 ----HD---- C:\Config.Msi
2012-11-21 18:23:40 ----D---- C:\Windows\Logs
2012-11-21 15:31:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-21 15:31:05 ----D---- C:\Windows\SoftwareDistribution
2012-11-21 15:31:02 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-11-21 15:31:01 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-11-21 15:29:55 ----RSD---- C:\Windows\assembly
2012-11-20 19:22:11 ----D---- C:\Windows\rescache
2012-11-20 15:26:05 ----D---- C:\Windows\Microsoft.NET
2012-11-17 10:26:56 ----D---- C:\Program Files (x86)\Common Files
2012-11-16 23:16:12 ----D---- C:\Users\Jano\AppData\Roaming\Skype
2012-11-16 15:34:59 ----D---- C:\Windows\winsxs
2012-11-16 15:32:53 ----D---- C:\Windows\system32\en-US
2012-11-16 15:32:53 ----D---- C:\Windows\system32\drivers\en-US
2012-11-16 15:32:52 ----D---- C:\Windows\SYSWOW64\migration
2012-11-16 15:32:52 ----D---- C:\Windows\system32\wbem
2012-11-16 15:32:52 ----D---- C:\Windows\system32\migration
2012-11-16 15:32:52 ----D---- C:\Windows\system32\drivers
2012-11-16 15:32:52 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-16 15:32:51 ----D---- C:\Windows\system32\sk-SK
2012-11-16 15:32:51 ----D---- C:\Program Files\Internet Explorer
2012-11-16 15:32:50 ----RSD---- C:\Windows\Fonts
2012-11-16 14:58:47 ----D---- C:\ProgramData\Microsoft Help
2012-11-16 13:55:34 ----A---- C:\Windows\system32\MRT.exe
2012-11-15 23:32:24 ----D---- C:\AMD
2012-11-15 23:31:40 ----D---- C:\ProgramData\AMD
2012-11-15 23:31:08 ----D---- C:\Program Files\ATI Technologies
2012-11-15 23:25:41 ----D---- C:\Program Files (x86)\ATI Technologies
2012-11-14 23:02:47 ----D---- C:\Program Files (x86)\Sony
2012-11-14 23:00:23 ----AD---- C:\Program Files (x86)\Jetbull Poker
2012-11-14 23:00:08 ----D---- C:\Program Files (x86)\Full Tilt Poker.Net
2012-11-12 21:16:58 ----A---- C:\Windows\system32\aticfx64.dll
2012-11-12 20:56:44 ----A---- C:\Windows\system32\atidxx64.dll
2012-11-06 15:06:36 ----D---- C:\Program Files (x86)\McAfee
2012-11-02 14:30:18 ----D---- C:\Users\Jano\AppData\Roaming\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-05 834544]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-12 11270656]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-12 546304]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-11-28 25640]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-18 1983264]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-07-17 201472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-30 236544]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-12 11270656]
S3 awtyakqr;awtyakqr; C:\Windows\system32\drivers\awtyakqr.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-12 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-12 361984]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-10-23 103472]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-11-21 75136]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-16 654848]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-05 1255736]

-----------------EOF-----------------

Re: Vyskakovanie okna

Napsal: 28 lis 2012 13:44
od Rudy
Dvouklikem na soubor C:\Program Files\trend micro\Jano.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
O2 - BHO: BrowserPlugin - {1C749E08-6B62-11E0-B6DA-075F4824019B} - C:\Users\Jano\AppData\Local\GamePlayLabs Plugin\BHO.dll (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Re: Vyskakovanie okna

Napsal: 28 lis 2012 21:11
od ZelenyPirat
Spravil som, no stále je počítač zamrznuty a využitie procesora 100%, najnovšie mi hned po spustení PC vyskakuje takéto niečo
Obrázek
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz