VIRY.CZ

Dobry vecer,
Po tyzdni som si vsimol ze Win7 pracuje o dost horsie ako pred tyzdnom. Neviem co sa stalo ale mam pocit ze nieco nieje v poriadku s procesmi a servismi. Hravam pravidelne zopar hier(online) ako Diablo 3/Warcraft 3 dota atd. ale pocitac ide zposledneho. Hry sekaju a je to utrpenie hrat. (kludne prilozim aj printscreen z task managera plus performance) podla mna Hroza ak je pocitac v klude..
Nechal som zbehnut Malwarebytes Anti-Malware ale nic vyrazne nenasiel. Tak isto som nechal zbehnut aj combofix ale zmena/zlepsenie neprichadza. Dosli mi uz vsetky napady a neviem kam dalej. Prosim vas o radu a pomoc. Dakujem Vam za ochotu. (prikladam log z combofix)

{ComboFix 13-03-01.01 - Tomo . 03. 2013 0:32.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1033.18.2047.684 [GMT 1:00]
Running from: j:\users\Tomo\Downloads\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
j:\users\Otec\iperf.exe
j:\users\Otec\wireshark-win32-1.4.3.exe
j:\users\Tomo\AppData\Roaming\x-video-converter-ultimate.exe
j:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2013-02-01 to 2013-03-01 )))))))))))))))))))))))))))))))
.
.
2013-03-01 23:44 . 2013-03-01 23:44 -------- d-----w- j:\users\Otec\AppData\Local\temp
2013-03-01 23:44 . 2013-03-01 23:45 -------- d-----w- j:\users\Tomo\AppData\Local\temp
2013-03-01 23:44 . 2013-03-01 23:44 -------- d-----w- j:\users\Default\AppData\Local\temp
2013-03-01 23:21 . 2013-03-01 23:21 29904 ----a-w- j:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1251BC78-2F9F-4F95-83F6-2BFB644D6E31}\MpKsl8259866c.sys
2013-03-01 23:05 . 2012-12-14 15:49 21104 ----a-w- j:\windows\system32\drivers\mbam.sys
2013-03-01 22:36 . 2013-03-01 22:36 -------- d-----w- j:\program files\Common Files\Adobe
2013-03-01 22:32 . 2013-03-01 22:32 861088 ----a-w- j:\windows\system32\npDeployJava1.dll
2013-03-01 22:32 . 2013-03-01 22:32 94112 ----a-w- j:\windows\system32\WindowsAccessBridge.dll
2013-03-01 22:14 . 2013-02-08 00:45 6954968 ----a-w- j:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1251BC78-2F9F-4F95-83F6-2BFB644D6E31}\mpengine.dll
2013-03-01 21:58 . 2013-02-08 00:45 6954968 ----a-w- j:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-03-01 20:48 . 2013-03-01 20:48 -------- d-----w- j:\users\Tomo\AppData\Roaming\Malwarebytes
2013-03-01 20:48 . 2013-03-01 20:48 -------- d-----w- j:\programdata\Malwarebytes
2013-03-01 20:48 . 2013-03-01 23:05 -------- d-----w- j:\program files\Malwarebytes' Anti-Malware
2013-02-22 15:00 . 2013-02-22 15:00 -------- d-----w- j:\programdata\Origin
2013-02-14 08:43 . 2013-01-04 03:00 2347008 ----a-w- j:\windows\system32\win32k.sys
2013-02-14 08:43 . 2013-01-05 05:00 3967848 ----a-w- j:\windows\system32\ntkrnlpa.exe
2013-02-14 08:43 . 2013-01-05 05:00 3913064 ----a-w- j:\windows\system32\ntoskrnl.exe
2013-02-14 08:43 . 2013-01-03 05:05 1293672 ----a-w- j:\windows\system32\drivers\tcpip.sys
2013-02-14 08:43 . 2013-01-03 05:04 187752 ----a-w- j:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-14 08:43 . 2013-01-04 04:50 169984 ----a-w- j:\windows\system32\winsrv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-01 23:15 . 2012-04-09 14:41 691568 ----a-w- j:\windows\system32\FlashPlayerApp.exe
2013-03-01 23:15 . 2011-05-17 19:16 71024 ----a-w- j:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-01 22:32 . 2011-01-26 12:55 782240 ----a-w- j:\windows\system32\deployJava1.dll
2013-01-30 10:53 . 2010-07-08 10:55 232336 ------w- j:\windows\system32\MpSigStub.exe
2013-01-02 10:51 . 2013-01-02 10:51 74752 ----a-w- j:\windows\system32\RegisterIEPKEYs.exe
2013-01-02 10:51 . 2013-01-02 10:51 161792 ----a-w- j:\windows\system32\msls31.dll
2013-01-02 10:51 . 2013-01-02 10:51 110592 ----a-w- j:\windows\system32\IEAdvpack.dll
2013-01-02 10:51 . 2013-01-02 10:51 86528 ----a-w- j:\windows\system32\iesysprep.dll
2013-01-02 10:51 . 2013-01-02 10:51 76800 ----a-w- j:\windows\system32\SetIEInstalledDate.exe
2013-01-02 10:51 . 2013-01-02 10:51 74752 ----a-w- j:\windows\system32\iesetup.dll
2013-01-02 10:51 . 2013-01-02 10:51 63488 ----a-w- j:\windows\system32\tdc.ocx
2013-01-02 10:51 . 2013-01-02 10:51 48640 ----a-w- j:\windows\system32\mshtmler.dll
2013-01-02 10:51 . 2013-01-02 10:51 367104 ----a-w- j:\windows\system32\html.iec
2013-01-02 10:51 . 2013-01-02 10:51 35840 ----a-w- j:\windows\system32\imgutil.dll
2013-01-02 10:51 . 2013-01-02 10:51 23552 ----a-w- j:\windows\system32\licmgr10.dll
2013-01-02 10:51 . 2013-01-02 10:51 152064 ----a-w- j:\windows\system32\wextract.exe
2013-01-02 10:51 . 2013-01-02 10:51 150528 ----a-w- j:\windows\system32\iexpress.exe
2013-01-02 10:51 . 2013-01-02 10:51 11776 ----a-w- j:\windows\system32\mshta.exe
2013-01-02 10:51 . 2013-01-02 10:51 101888 ----a-w- j:\windows\system32\admparse.dll
2012-12-19 20:50 . 2012-09-28 02:22 5630200 ----a-w- j:\windows\system32\atiumdag.dll
2012-12-19 20:47 . 2012-12-19 20:47 9647104 ----a-w- j:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:22 . 2012-12-19 20:22 58880 ----a-w- j:\windows\system32\coinst_9.012.dll
2012-12-19 20:19 . 2012-12-19 20:19 163840 ----a-w- j:\windows\system32\atiapfxx.exe
2012-12-19 20:18 . 2012-12-19 20:18 46080 ----a-w- j:\windows\system32\aticalrt.dll
2012-12-19 20:17 . 2012-12-19 20:17 44032 ----a-w- j:\windows\system32\aticalcl.dll
2012-12-19 20:13 . 2012-12-19 20:13 13703168 ----a-w- j:\windows\system32\aticaldd.dll
2012-12-19 20:12 . 2012-12-19 20:12 18982400 ----a-w- j:\windows\system32\atioglxx.dll
2012-12-19 20:09 . 2011-05-25 03:07 960512 ----a-w- j:\windows\system32\aticfx32.dll
2012-12-19 20:06 . 2011-05-25 02:58 6681088 ----a-w- j:\windows\system32\atidxx32.dll
2012-12-19 19:57 . 2012-09-28 01:39 442368 ----a-w- j:\windows\system32\atidemgy.dll
2012-12-19 19:56 . 2012-12-19 19:56 482304 ----a-w- j:\windows\system32\atieclxx.exe
2012-12-19 19:55 . 2012-12-19 19:55 219136 ----a-w- j:\windows\system32\atiesrxx.exe
2012-12-19 19:54 . 2012-12-19 19:54 163840 ----a-w- j:\windows\system32\atitmmxx.dll
2012-12-19 19:54 . 2012-12-19 19:54 20992 ----a-w- j:\windows\system32\atimuixx.dll
2012-12-19 19:54 . 2012-12-19 19:54 43520 ----a-w- j:\windows\system32\ati2edxx.dll
2012-12-19 19:44 . 2012-09-28 01:22 4162048 ----a-w- j:\windows\system32\atiumdva.dll
2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- j:\windows\system32\atimpc32.dll
2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- j:\windows\system32\amdpcom32.dll
2012-12-19 19:33 . 2012-09-28 01:13 421888 ----a-w- j:\windows\system32\atiadlxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- j:\windows\system32\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33 33280 ----a-w- j:\windows\system32\atigktxx.dll
2012-12-19 19:32 . 2012-12-19 19:32 442368 ----a-w- j:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31 . 2011-05-25 02:24 109568 ----a-w- j:\windows\system32\atiuxpag.dll
2012-12-19 19:30 . 2012-06-11 16:24 83968 ----a-w- j:\windows\system32\atiu9pag.dll
2012-12-19 19:30 . 2012-12-19 19:30 53248 ----a-w- j:\windows\system32\drivers\ati2erec.dll
2012-12-19 14:45 . 2012-12-19 14:45 180224 ----a-w- j:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44 65536 ----a-w- j:\windows\system32\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44 56320 ----a-w- j:\windows\system32\OVDecode.dll
2012-12-19 14:38 . 2012-12-19 14:38 28732928 ----a-w- j:\windows\system32\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34 50176 ----a-w- j:\windows\system32\OpenCL.dll
2012-12-16 14:54 . 2010-10-13 18:38 138032 ----a-w- j:\windows\system32\drivers\PnkBstrK.sys
2012-12-16 14:54 . 2010-10-13 18:40 281688 ----a-w- j:\windows\system32\PnkBstrB.xtr
2012-12-16 14:54 . 2010-10-13 18:37 281688 ----a-w- j:\windows\system32\PnkBstrB.exe
2012-12-16 14:13 . 2012-12-20 19:22 295424 ----a-w- j:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-20 19:22 34304 ----a-w- j:\windows\system32\atmlib.dll
2012-12-12 22:41 . 2010-10-13 18:37 281688 ----a-w- j:\windows\system32\PnkBstrB.ex0
2012-12-07 12:26 . 2013-01-09 18:39 308736 ----a-w- j:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 18:39 2576384 ----a-w- j:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 18:39 43520 ----a-w- j:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 18:39 30720 ----a-w- j:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 18:39 45568 ----a-w- j:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 18:39 44544 ----a-w- j:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 18:39 20480 ----a-w- j:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 18:38 23552 ----a-w- j:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 18:38 20480 ----a-w- j:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 18:39 46592 ----a-w- j:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 18:39 20480 ----a-w- j:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 18:39 21504 ----a-w- j:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 18:39 40960 ----a-w- j:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 18:39 15360 ----a-w- j:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 18:38 55296 ----a-w- j:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 18:38 51712 ----a-w- j:\windows\system32\esrb.rs
2012-12-04 12:18 . 2010-10-13 18:37 76888 ----a-w- j:\windows\system32\PnkBstrA.exe
2013-02-08 11:13 . 2013-02-08 11:12 262552 ----a-w- j:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-06-11 14:22 1307728 ----a-w- j:\program files\Microsoft\BingBar\7.1.391.0\BingExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="j:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Steam"="j:\program files\Steam2\Steam.exe" [2013-02-25 1602984]
"HydraVisionDesktopManager"="j:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-03 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="j:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Easy-PrintToolBox"="j:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"CanonMyPrinter"="j:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2567272]
"RIMBBLaunchAgent.exe"="j:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"MSC"="j:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"LogMeIn Hamachi Ui"="j:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
"StartCCC"="j:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"SunJavaUpdateSched"="j:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="j:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-12-14 512360]
.
j:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - j:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
VPN Client.lnk - j:\windows\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico [2010-11-15 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BBSvc;BingBar Service;j:\program files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;j:\program files\Lavasoft\Ad-Aware\AAWService.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;j:\windows\system32\Drivers\ssadadb.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);j:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;j:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;j:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
S0 Lbd;Lbd;j:\windows\system32\DRIVERS\Lbd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;j:\windows\system32\atiesrxx.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;j:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;j:\windows\system32\drivers\AtihdW73.sys [x]
S3 BBUpdate;BBUpdate;j:\program files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL8259866C
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-01 j:\windows\Tasks\Adobe Flash Player Updater.job
- j:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 23:15]
.
2013-03-01 j:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- j:\program files\Google\Update\GoogleUpdate.exe [2010-11-21 12:51]
.
2013-03-01 j:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- j:\program files\Google\Update\GoogleUpdate.exe [2010-11-21 12:51]
.
2013-02-23 j:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-143793042-2127241793-3012379221-1000Core.job
- j:\users\Tomo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-12 12:51]
.
2013-03-01 j:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-143793042-2127241793-3012379221-1000UA.job
- j:\users\Tomo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-12 12:51]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovať do programu Microsoft Excel - j:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - j:\users\Tomo\AppData\Roaming\Mozilla\Firefox\Profiles\xkka63rz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.sk/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-02 11:33; bkmrksync@nokia.com; j:\program files\Nokia\Nokia PC Suite 7\bkmrksync
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - j:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-02 00:49:03
ComboFix-quarantined-files.txt 2013-03-01 23:49
ComboFix2.txt 2008-09-09 20:59
.
Pre-Run: 41 943 089 152 bytes free
Post-Run: 49 343 336 448 bytes free
.
- - End Of File - - 06B706917ED17946087D33147C5BAAFF}

Dakujem

Zdravim.

Proc jste spoustel ComboFix?

Kdybyste si precetl pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 , docetl byste se mimo jine toto

2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je. Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

3. Zvláště utilitu ComboFix nespouštějte i když Vám ji poradil kamarád\nějaký rádoby odborný web. Naše fórum je jediné z CZ-SK antivirových fór, která mají právo luštit logy z ComboFixu a mámě též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.

CF smaze veskere stopy pripadne nakazy. A ja ted muzu tak akorat varit z vody, jak se rika

Jste tady poprve, takze se na to zkusime podivat, ale pokud se to bude opakovat, bude pomoc odmitnuta.
A taky upozornuji, ze se to mozna protahne a vysledek vubec neni jisty.

Odinstalujte Ad-Aware. 2 Antiviry nemuzou bezet soucasne, perou se mezi sebou.

Dejte sem log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Ahoj,
Prepac ja viem ze som nevedel ako spravne postupovat. Som v tomto akosi novy. (noob)
Ad-Aware som odinstaloval.
Nechal som zbehnut ten programcek RSTI a tu je log zneho.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomo at 2013-03-02 12:45:09
Microsoft Windows 7 Professional Service Pack 1
System drive J: has 51 GB (21%) free of 238 GB
Total RAM: 2047 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:45:28, on 2. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
J:\Windows\system32\Dwm.exe
J:\Windows\system32\taskhost.exe
J:\Windows\Explorer.EXE
J:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
J:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
J:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
J:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
J:\Program Files\Common Files\Java\Java Update\jusched.exe
J:\Program Files\DAEMON Tools Lite\DTLite.exe
J:\Program Files\Steam2\steam.exe
J:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
J:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
J:\Windows\system32\taskmgr.exe
J:\Program Files\Microsoft Security Client\msseces.exe
J:\Windows\system32\taskhost.exe
J:\Program Files\Mozilla Firefox\firefox.exe
J:\Program Files\Mozilla Firefox\plugin-container.exe
J:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
J:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
J:\Windows\system32\SearchFilterHost.exe
J:\Users\Tomo\Downloads\RSIT.exe
J:\Program Files\trend micro\Tomo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - J:\Users\Tomo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - J:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - J:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - J:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - J:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - J:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - J:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - J:\Users\Tomo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - J:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - J:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - J:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - J:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - J:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - "J:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [GrooveMonitor] "J:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] J:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [CanonMyPrinter] J:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] J:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [MSC] "j:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "J:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [StartCCC] "J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "J:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "J:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "J:\Program Files\Steam2\Steam.exe" -silent
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "J:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - Global Startup: McAfee Security Scan Plus.lnk = J:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://J:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - J:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - J:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: j:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: j:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} (RIM AxLoader) - http://mobileapps.blackberry.com/device ... Loader.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - J:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - J:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - J:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - J:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - J:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - J:\Windows\system32\atiesrxx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - J:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - J:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - J:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - J:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB701\webserver\bin\win32\matlabserver.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - J:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - J:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - J:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - J:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - J:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - J:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - J:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - J:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - J:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - J:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - J:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - J:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 9988 bytes

======Scheduled tasks folder======

J:\Windows\tasks\Ad-Aware Update (Weekly).job
J:\Windows\tasks\Adobe Flash Player Updater.job
J:\Windows\tasks\GoogleUpdateTaskMachineCore.job
J:\Windows\tasks\GoogleUpdateTaskMachineUA.job
J:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-143793042-2127241793-3012379221-1000Core.job
J:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-143793042-2127241793-3012379221-1000UA.job

=========Mozilla firefox=========

ProfilePath - J:\Users\Tomo\AppData\Roaming\Mozilla\Firefox\Profiles\xkka63rz.default

prefs.js - "browser.startup.homepage" - "http://google.sk/"
prefs.js - "extensions.enabledItems" - "firegestures@xuldev.org:1.6.1, QipCounter@qip.ru:1.0, {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1, DTToolbar@toolbarnet.com:1.1.2.0185, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =827316&p="

"bkmrksync@nokia.com"=J:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=J:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=J:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=J:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=J:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=J:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=J:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=j:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=J:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=J:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rim.com/npappworld]
"Description"=
"Path"=J:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=J:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=J:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=J:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=J:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

J:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

J:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

J:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

J:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

J:\Users\Tomo\AppData\Roaming\Mozilla\Firefox\Profiles\xkka63rz.default\extensions\
DTToolbar@toolbarnet.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}

J:\Users\Tomo\AppData\Roaming\Mozilla\Firefox\Profiles\xkka63rz.default\searchplugins\
daemon-search.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - J:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - J:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - J:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - J:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - J:\Program Files\Java\jre7\bin\ssv.dll [2013-03-01 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - J:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO - J:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - J:\Users\Tomo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-06-10 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - J:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-02-11 1246600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - J:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - J:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-01 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - J:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - J:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL []
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - J:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - J:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=J:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Easy-PrintToolBox"=J:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"CanonMyPrinter"=J:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-07-19 2567272]
"RIMBBLaunchAgent.exe"=J:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192]
"MSC"=j:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"LogMeIn Hamachi Ui"=J:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]
"StartCCC"=J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"SunJavaUpdateSched"=J:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=J:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=J:\Program Files\Steam2\Steam.exe [2013-02-25 1602984]
"HydraVisionDesktopManager"=J:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2011-10-03 393216]

J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - J:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
VPN Client.lnk - J:\Windows\Installer\{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=J:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=J:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - J:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-03-02 12:45:10 ----D---- J:\Program Files\trend micro
2013-03-02 12:45:09 ----D---- J:\rsit
2013-03-02 12:25:33 ----D---- J:\969194cb44416f3768ea7646b16605
2013-03-02 00:49:10 ----SHD---- J:\$RECYCLE.BIN
2013-03-02 00:49:04 ----D---- J:\Windows\temp
2013-03-02 00:49:03 ----A---- J:\ComboFix.txt
2013-03-02 00:29:43 ----A---- J:\Windows\zip.exe
2013-03-02 00:29:43 ----A---- J:\Windows\SWSC.exe
2013-03-02 00:29:43 ----A---- J:\Windows\SWREG.exe
2013-03-02 00:29:43 ----A---- J:\Windows\sed.exe
2013-03-02 00:29:43 ----A---- J:\Windows\PEV.exe
2013-03-02 00:29:43 ----A---- J:\Windows\NIRCMD.exe
2013-03-02 00:29:43 ----A---- J:\Windows\MBR.exe
2013-03-02 00:29:43 ----A---- J:\Windows\grep.exe
2013-03-02 00:20:37 ----D---- J:\Windows\erdnt
2013-03-02 00:05:14 ----A---- J:\Windows\system32\drivers\mbam.sys
2013-03-01 23:36:31 ----D---- J:\Program Files\Common Files\Adobe
2013-03-01 23:32:56 ----A---- J:\Windows\system32\npDeployJava1.dll
2013-03-01 23:32:56 ----A---- J:\Windows\system32\javaws.exe
2013-03-01 23:32:42 ----A---- J:\Windows\system32\WindowsAccessBridge.dll
2013-03-01 23:32:41 ----A---- J:\Windows\system32\javaw.exe
2013-03-01 23:32:41 ----A---- J:\Windows\system32\java.exe
2013-03-01 21:48:39 ----D---- J:\Users\Tomo\AppData\Roaming\Malwarebytes
2013-03-01 21:48:12 ----D---- J:\ProgramData\Malwarebytes
2013-03-01 21:48:09 ----D---- J:\Program Files\Malwarebytes' Anti-Malware
2013-02-22 16:00:54 ----D---- J:\ProgramData\Origin
2013-02-14 12:16:41 ----A---- J:\Windows\system32\mshtmled.dll
2013-02-14 12:16:40 ----A---- J:\Windows\system32\vbscript.dll
2013-02-14 12:16:40 ----A---- J:\Windows\system32\jsproxy.dll
2013-02-14 12:16:39 ----A---- J:\Windows\system32\msfeeds.dll
2013-02-14 12:16:39 ----A---- J:\Windows\system32\ieUnatt.exe
2013-02-14 12:16:39 ----A---- J:\Windows\system32\ieui.dll
2013-02-14 12:16:38 ----A---- J:\Windows\system32\wininet.dll
2013-02-14 12:16:38 ----A---- J:\Windows\system32\jscript9.dll
2013-02-14 12:16:38 ----A---- J:\Windows\system32\jscript.dll
2013-02-14 12:16:37 ----A---- J:\Windows\system32\url.dll
2013-02-14 12:16:37 ----A---- J:\Windows\system32\iertutil.dll
2013-02-14 12:16:36 ----A---- J:\Windows\system32\urlmon.dll
2013-02-14 12:16:35 ----A---- J:\Windows\system32\mshtml.dll
2013-02-14 12:16:34 ----A---- J:\Windows\system32\ieframe.dll
2013-02-14 09:43:37 ----A---- J:\Windows\system32\win32k.sys
2013-02-14 09:43:23 ----A---- J:\Windows\system32\ntkrnlpa.exe
2013-02-14 09:43:22 ----A---- J:\Windows\system32\ntoskrnl.exe
2013-02-14 09:43:21 ----A---- J:\Windows\system32\drivers\tcpip.sys
2013-02-14 09:43:20 ----A---- J:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-14 09:43:18 ----A---- J:\Windows\system32\winsrv.dll
2013-02-08 12:12:21 ----D---- J:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-03-02 12:45:10 ----RD---- J:\Program Files
2013-03-02 12:38:51 ----D---- J:\Windows\system32\config
2013-03-02 12:31:15 ----D---- J:\Windows\Prefetch
2013-03-02 12:30:59 ----SHD---- J:\Windows\Installer
2013-03-02 12:30:57 ----D---- J:\Config.Msi
2013-03-02 12:30:11 ----D---- J:\Windows
2013-03-02 12:30:08 ----D---- J:\Windows\system32\catroot
2013-03-02 12:30:07 ----D---- J:\Windows\system32\drivers
2013-03-02 12:30:00 ----D---- J:\Program Files\Microsoft Security Client
2013-03-02 12:29:11 ----SHD---- J:\System Volume Information
2013-03-02 12:23:54 ----D---- J:\Windows\System32
2013-03-02 12:23:53 ----DC---- J:\Windows\system32\DRVSTORE
2013-03-02 12:09:06 ----D---- J:\Program Files\Steam2
2013-03-02 12:05:27 ----D---- J:\Windows\Tasks
2013-03-02 00:49:05 ----D---- J:\QooBox
2013-03-02 00:45:24 ----A---- J:\Windows\system.ini
2013-03-02 00:45:18 ----D---- J:\Windows\system32\drivers\etc
2013-03-02 00:40:01 ----D---- J:\Windows\AppPatch
2013-03-02 00:40:00 ----D---- J:\Program Files\Common Files
2013-03-02 00:15:32 ----A---- J:\Windows\system32\FlashPlayerApp.exe
2013-03-01 23:56:22 ----D---- J:\Program Files\Warcraft III
2013-03-01 23:37:13 ----D---- J:\ProgramData\Adobe
2013-03-01 23:36:31 ----D---- J:\Program Files\Adobe
2013-03-01 23:33:29 ----D---- J:\Program Files\Common Files\Java
2013-03-01 23:32:15 ----A---- J:\Windows\system32\deployJava1.dll
2013-03-01 23:32:11 ----D---- J:\Program Files\Java
2013-03-01 23:13:08 ----D---- J:\Users\Tomo\AppData\Roaming\Mozilla
2013-03-01 23:04:14 ----D---- J:\Windows\system32\Tasks
2013-03-01 22:58:24 ----D---- J:\Windows\winsxs
2013-03-01 22:58:24 ----D---- J:\Windows\system32\wfp
2013-03-01 22:58:21 ----D---- J:\Windows\system32\wbem
2013-03-01 22:57:07 ----D---- J:\Windows\system32\en-US
2013-03-01 22:57:07 ----D---- J:\Windows\system32\DriverStore
2013-03-01 22:57:07 ----D---- J:\Windows\system32\catroot2
2013-03-01 22:57:07 ----D---- J:\Windows\rescache
2013-03-01 22:57:03 ----D---- J:\Windows\inf
2013-03-01 22:57:03 ----D---- J:\Windows\AppCompat
2013-03-01 22:57:00 ----D---- J:\ProgramData\McAfee Security Scan
2013-03-01 22:56:57 ----D---- J:\Program Files\Mozilla Maintenance Service
2013-03-01 22:55:44 ----D---- J:\Windows\registration
2013-03-01 22:54:43 ----D---- J:\ProgramData
2013-03-01 22:54:13 ----D---- J:\BJPrinter
2013-02-22 16:39:22 ----D---- J:\ProgramData\Electronic Arts
2013-02-16 13:45:31 ----RSD---- J:\Windows\assembly
2013-02-16 13:45:31 ----D---- J:\Windows\Microsoft.NET
2013-02-15 23:29:59 ----D---- J:\Program Files\Diablo III
2013-02-14 12:24:09 ----D---- J:\Windows\system32\migration
2013-02-14 12:24:09 ----D---- J:\Program Files\Internet Explorer
2013-02-14 12:19:47 ----A---- J:\Windows\system32\MRT.exe
2013-02-14 12:19:26 ----D---- J:\ProgramData\Microsoft Help
2013-02-14 12:14:08 ----A---- J:\Windows\system32\PerfStringBackup.INI
2013-02-11 20:16:38 ----D---- J:\Program Files\McAfee Security Scan

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; J:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 pciide;pciide; J:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; J:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; J:\Windows\System32\Drivers\sptd.sys [2010-07-08 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; J:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; J:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\J:\Windows\system32\Drivers\CVPNDRVA.sys [2007-07-16 306299]
R2 NisDrv;Microsoft Network Inspection System; J:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R2 NPF;NetGroup Packet Filter Driver; J:\Windows\system32\drivers\npf.sys [2010-06-25 35088]
R2 Parvdm;Parvdm; J:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; J:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104]
R3 amdkmdap;amdkmdap; J:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 442368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; J:\Windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 DNE;Deterministic Network Enhancer Miniport; J:\Windows\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 hamachi;Hamachi Network Interface; J:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 MBAMProtector;MBAMProtector; \??\J:\Windows\system32\drivers\mbam.sys [2012-12-14 21104]
R3 MTsensor;ATK0110 ACPI UTILITY; J:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RimVSerPort;RIM Virtual Serial Port v2; J:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; J:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RTL8167;Realtek 8167 NT Driver; J:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 a5k04qz2;a5k04qz2; J:\Windows\system32\drivers\a5k04qz2.sys []
S3 aic78xx;aic78xx; J:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; J:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; J:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; J:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; J:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\J:\Users\Tomo\AppData\Local\Temp\catchme.sys []
S3 CVirtA;Cisco Systems VPN Adapter; J:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); J:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-15 80824]
S3 fssfltr;FssFltr; J:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\J:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; J:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; J:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; J:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; J:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; J:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RimUsb;BlackBerry Smartphone; J:\Windows\System32\Drivers\RimUsb.sys [2011-02-16 64000]
S3 s3cap;s3cap; J:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; J:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); J:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); J:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; J:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); J:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); J:\Windows\system32\DRIVERS\ssudmdm.sys [2012-02-15 181432]
S3 storvsc;storvsc; J:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; J:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 upperdev;upperdev; J:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; J:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; J:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; J:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; J:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; J:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; J:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; J:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; J:\Windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; J:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CVPND;Cisco Systems, Inc. VPN Service; J:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-07-16 1524512]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; J:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 1435568]
R2 MBAMService;MBAMService; J:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 MBAMScheduler;MBAMScheduler; J:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MsMpSvc;Microsoft Antimalware Service; j:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; J:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; J:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 PnkBstrA;PnkBstrA; J:\Windows\system32\PnkBstrA.exe [2012-12-04 76888]
R2 WinVNC4;VNC Server Version 4; J:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
R2 wlidsvc;Windows Live ID Sign-in Assistant; J:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 AppMgmt;@appmgmts.dll,-3250; J:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 BBUpdate;BBUpdate; J:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 NisSrv;@j:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; j:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 BBSvc;BingBar Service; J:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; J:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); J:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-21 136176]
S2 matlabserver;MATLAB Server; C:\MATLAB701\webserver\bin\win32\matlabserver.exe [2004-08-16 536576]
S2 SkypeUpdate;Skype Updater; J:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; J:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-02 251248]
S3 gupdatem;Služba Google Update (gupdatem); J:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-21 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; J:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; J:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; J:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-08 115608]
S3 odserv;Microsoft Office Diagnostics Service; J:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; J:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; J:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; J:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); J:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 ServiceLayer;ServiceLayer; J:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 Steam Client Service;Steam Client Service; J:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; J:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; J:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; J:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-09 1343400]

-----------------EOF-----------------

DAKUJEM ti za pomoc

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Search a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde J:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

31.3.2013 pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Spomaleny pocitac, vysoke CPU a Memory

Spomaleny pocitac, vysoke CPU a Memory

Re: Spomaleny pocitac, vysoke CPU a Memory

Re: Spomaleny pocitac, vysoke CPU a Memory

Re: Spomaleny pocitac, vysoke CPU a Memory