PC virus removal, computer speed-up, remote help via the neslape.cz service

CPU sometimes at 100%, RAM usage unstable

blackpuffle
Visitor
Posts: 117
Registered: 28 Oct 2011 11:40

CPU sometimes at 100%, RAM usage unstable

#1 Post by blackpuffle »

Hello. Since yesterday my CPU and RAM have been acting up. Sometimes all 4 processors are at 100% usage (measured with my own program) and the RAM is unstable (+- 5% - out of 8 GB that makes about 409.6 MB), which is quite a lot. I am attaching the logs from HijackThis and ComboFix here (both ran in normal mode while the CPU and RAM were unstable).
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:04, on 12.12.2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
D:\Programy\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Programy\HijackThis\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKCU\..\Run: [uTorrent] "D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-21-757641336-1295543811-1564917729-1000\..\Run: [uTorrent] "D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED (User '?')
O4 - HKUS\S-1-5-21-757641336-1295543811-1564917729-1000\..\Run: [AdobeBridge] (User '?')
O4 - HKUS\S-1-5-21-757641336-1295543811-1564917729-1000\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (User '?')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: d:\programy\wmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: d:\programy\wmware player\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\Programy\WMware player\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: US_ApacheS1 - Apache Software Foundation - D:\Programy\UniServer\usr\local\apache2\bin\httpd1.exe
O23 - Service: US_MySQLS1 - Unknown owner - D:\Programy\UniServer\usr\local\mysql\bin\mysqld1.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Programy\WMware player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10024 bytes
Last edited by vyosek on 12 Dec 2012 14:53, edited 1 time in total.
Reason: log removed from code

blackpuffle
Visitor
Posts: 117
Registered: 28 Oct 2011 11:40

Re: CPU sometimes at 100%, RAM usage unstable

#2 Post by blackpuffle »

ComboFix:
ComboFix 12-12-10.01 - Slavca 12.12.2012 14:14:47.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8094.5675 [GMT 1:00]
Spuštěný z: d:\profil\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\premieropinion
c:\program files (x86)\premieropinion\asmcf.dat
c:\program files (x86)\premieropinion\nscf.dat
c:\users\Slavca\AppData\Roaming\java_u.jar
c:\users\Slavca\AppData\Roaming\sqlite.jar
c:\windows\system\actualspy.lnk
c:\windows\SysWow64\msvfd32.exe
c:\windows\SysWow64\update
c:\windows\SysWow64\update\diablo121016.cl
c:\windows\SysWow64\update\diakgcn121016.cl
c:\windows\SysWow64\update\igfxupdate.exe
c:\windows\SysWow64\update\libcurl-4.dll
c:\windows\SysWow64\update\libeay32.dll
c:\windows\SysWow64\update\libidn-11.dll
c:\windows\SysWow64\update\libusb-1.0.dll
c:\windows\SysWow64\update\phatk121016.cl
c:\windows\SysWow64\update\poclbm121016.cl
c:\windows\SysWow64\update\poclbm121016Intel(R) HD Graphics 4000gv1w256l4.bin
c:\windows\SysWow64\update\pthreadGC2.dll
c:\windows\SysWow64\update\scrypt121016.cl
c:\windows\SysWow64\update\ssleay32.dll
c:\windows\SysWow64\update\zlib1.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-12 do 2012-12-12 )))))))))))))))))))))))))))))))
.
.
2012-12-12 13:26 . 2012-12-12 13:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-12 13:26 . 2012-12-12 13:26 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-12 13:26 . 2012-12-12 13:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-11 23:49 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E980822C-849E-48FC-9628-2A664BD376D4}\mpengine.dll
2012-12-11 11:24 . 2012-12-08 16:21 269824 ----a-w- c:\windows\SysWow64\igfxupdate.exe
2012-12-10 12:06 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-10 11:08 . 2012-12-11 17:20 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-10 11:08 . 2012-12-10 11:08 -------- d-----w- c:\users\Slavca\AppData\Local\PunkBuster
2012-12-10 11:08 . 2012-12-10 11:08 -------- d-----w- c:\programdata\Orbit
2012-12-10 11:06 . 2012-12-11 17:18 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-10 11:06 . 2012-12-12 13:00 -------- d-----w- c:\program files (x86)\Ubisoft
2012-12-09 15:46 . 2012-12-09 15:46 -------- d-----w- c:\users\Slavca\AppData\Local\GameMaker8.1
2012-12-09 12:18 . 2012-12-09 12:18 -------- d-----w- c:\users\Slavca\AppData\Local\Activision
2012-12-08 14:07 . 2012-12-08 16:21 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-12-08 14:07 . 2012-12-08 16:21 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-12-08 14:07 . 2012-12-08 16:21 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-12-07 11:45 . 2012-12-07 11:45 -------- d-----w- c:\users\Slavca\AppData\Local\Programs
2012-12-04 10:54 . 2012-12-04 10:54 -------- d-----w- c:\users\Slavca\AppData\Roaming\dist8
2012-12-02 09:31 . 2012-12-02 09:31 -------- d-----w- c:\users\Slavca\AppData\Local\YoYo_Games_Ltd
2012-12-02 09:31 . 2012-12-02 09:31 -------- d-----w- c:\users\Slavca\AppData\Local\GameMaker-Studio
2012-12-02 09:28 . 2012-12-11 21:06 -------- d-----w- c:\users\Slavca\AppData\Roaming\GameMaker-Studio
2012-11-28 12:01 . 2012-11-28 12:01 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7B71B647-CF88-4505-9451-D305F6E14829}\gapaengine.dll
2012-11-28 05:10 . 2012-11-29 18:53 -------- d-----w- c:\users\Slavca\AppData\Local\Skyrim
2012-11-27 18:44 . 2012-11-27 18:44 -------- d-----w- c:\programdata\Conexant
2012-11-27 18:44 . 2012-11-27 18:44 -------- d-----w- c:\users\Slavca\AppData\Local\Conexant
2012-11-27 17:18 . 2012-11-27 17:18 -------- d-----w- C:\Záloha
2012-11-26 18:38 . 2012-11-26 18:39 -------- d-----w- c:\users\Slavca\AppData\Local\Oblivion
2012-11-25 21:02 . 2012-11-25 21:02 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-11-24 20:48 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-11-24 20:26 . 2012-11-24 20:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-11-24 13:31 . 2012-11-28 22:12 -------- d-----w- c:\programdata\Tarma Installer
2012-11-24 13:31 . 2012-11-24 13:31 -------- d-----w- c:\program files (x86)\Anon
2012-11-23 20:39 . 2012-11-23 20:39 -------- d-----w- c:\program files (x86)\NCT
2012-11-23 20:13 . 2012-11-23 20:13 -------- d-----w- c:\users\Slavca\AppData\Roaming\Reallusion
2012-11-23 20:11 . 2012-11-23 20:11 75 --sh--r- c:\windows\CT6PRET.BIN
2012-11-23 20:10 . 2012-11-23 20:10 -------- d-----w- c:\programdata\Reallusion
2012-11-23 20:10 . 2012-11-23 20:10 -------- d-----w- c:\program files (x86)\Reallusion
2012-11-23 20:10 . 2012-11-23 20:10 -------- d-----w- c:\program files (x86)\Common Files\Reallusion
2012-11-22 21:42 . 2012-11-22 21:42 -------- d-----w- c:\programdata\Advanced Chemistry Development
2012-11-19 23:24 . 2012-11-19 23:24 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-19 23:24 . 2012-11-19 23:24 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-11-19 18:46 . 2012-11-19 18:46 -------- d-----w- c:\programdata\Energy Management
2012-11-19 17:16 . 2012-12-08 14:00 -------- d-----w- c:\users\Slavca\AppData\Local\SKIDROW
2012-11-17 13:49 . 2012-11-17 13:50 -------- d-----w- c:\users\Slavca\AppData\Roaming\Mumble
2012-11-17 13:49 . 2012-11-17 13:49 -------- d-----w- c:\users\Slavca\AppData\Local\Mumble
2012-11-17 09:54 . 2002-12-03 02:10 158208 ----a-w- c:\windows\SysWow64\NCTTextToAudio.dll
2012-11-17 09:54 . 2002-12-03 02:02 491520 ----a-w- c:\windows\SysWow64\NCTAudioFile.dll
2012-11-17 09:54 . 2002-03-19 06:18 120832 ----a-w- c:\windows\SysWow64\lame_enc.dll
2012-11-17 09:27 . 2012-11-17 09:27 -------- d-----w- c:\users\Slavca\AppData\Roaming\Screaming Bee
2012-11-17 09:26 . 2012-11-17 09:27 -------- d-----w- c:\programdata\Screaming Bee
2012-11-17 09:02 . 2012-12-07 22:46 -------- d-----w- c:\users\Slavca\AppData\Roaming\Audacity
2012-11-15 11:31 . 2012-11-15 11:30 289768 ----a-w- c:\windows\system32\javaws.exe
2012-11-15 11:30 . 2012-11-15 11:30 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-11-15 11:30 . 2012-11-15 11:30 189416 ----a-w- c:\windows\system32\javaw.exe
2012-11-15 11:30 . 2012-11-15 11:30 188904 ----a-w- c:\windows\system32\java.exe
2012-11-15 11:28 . 2012-11-15 11:30 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-15 11:28 . 2012-11-15 11:30 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-15 09:05 . 2007-01-01 19:03 40960 ----a-r- c:\windows\SysWow64\psfind.dll
2012-11-15 09:02 . 2006-02-07 14:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2012-11-15 09:02 . 2012-11-15 09:02 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2012-11-15 09:02 . 2012-11-15 09:02 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2012-11-15 09:02 . 2006-02-07 14:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2012-11-15 09:02 . 2006-02-07 14:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2012-11-15 09:02 . 2006-02-07 14:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2012-11-15 09:02 . 2006-02-07 14:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2012-11-15 09:02 . 2005-11-13 22:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-11-14 20:21 . 2012-11-14 20:21 -------- d-----w- c:\users\Slavca\AppData\Roaming\Xfire
2012-11-14 16:01 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-14 16:01 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 16:01 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 16:01 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 15:51 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 15:51 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 15:51 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 15:51 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 15:51 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 15:51 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 15:51 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 12:20 . 2012-11-29 18:43 -------- d-----w- c:\users\Slavca\AppData\Local\LogMeIn Hamachi
2012-11-14 10:28 . 2012-10-03 17:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-14 10:28 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-14 10:28 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-14 10:28 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-14 10:28 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-11-14 10:28 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-14 10:28 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-11-14 10:28 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-11-14 10:28 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-14 10:28 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2012-11-14 10:28 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-14 10:28 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-11-14 10:26 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-14 10:26 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-14 10:26 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-14 10:26 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-11-14 10:26 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-11-14 09:55 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 09:55 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 09:47 . 2012-11-14 10:17 -------- d-----w- c:\programdata\PopCap Games
2012-11-13 18:38 . 2012-11-13 18:38 -------- d-----w- c:\users\Slavca\AppData\Roaming\Tunngle
2012-11-13 18:38 . 2012-11-13 18:38 -------- d-----w- c:\programdata\Tunngle
2012-11-13 18:38 . 2009-09-16 06:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2012-11-13 18:34 . 2012-11-13 18:34 -------- d-----w- c:\users\Slavca\AppData\Roaming\Hamachi
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-14 15:52 . 2012-10-07 14:03 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-30 17:13 . 2012-10-30 17:13 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-30 17:13 . 2012-10-09 12:34 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-30 17:13 . 2012-10-09 12:34 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-21 16:26 . 2012-10-21 16:26 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-10-17 05:16 . 2012-10-17 05:16 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2012-10-16 08:38 . 2012-11-27 23:21 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 23:21 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 23:21 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-13 21:43 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-10-13 21:43 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-10 01:22 . 2012-10-10 01:22 21818368 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 01:22 . 2012-10-10 01:22 27438080 ----a-w- c:\windows\system32\igdfcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-10 01:22 . 2012-10-10 01:22 27664896 ----a-w- c:\windows\system32\igdrcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-10 01:22 . 2012-03-19 21:22 12836864 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 598780 ----a-w- c:\windows\system32\igvpkrng700.bin
2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-10-10 01:22 . 2012-10-10 01:22 12604416 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 56832 ----a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll
2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-10 01:22 . 2012-10-10 01:22 3582976 ----a-w- c:\windows\system32\igdbcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-10-10 01:22 . 2012-05-16 05:26 56832 ----a-w- c:\windows\system32\OpenCL.dll
2012-10-10 01:22 . 2012-10-10 01:22 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-10 01:22 . 2012-10-10 01:22 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-10 01:22 . 2012-10-10 01:22 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-10-10 01:22 . 2012-10-10 01:22 195584 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-10 01:22 . 2012-10-10 01:22 2899968 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-10 01:22 . 2012-10-10 01:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 56320 ----a-w- c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-10 01:22 . 2012-10-10 01:22 27643904 ----a-w- c:\windows\SysWow64\igdrcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-10 01:22 . 2012-05-16 05:26 56320 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-10-10 01:22 . 2012-10-10 01:22 8579584 ----a-w- c:\windows\SysWow64\ig7icd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-10 01:22 . 2012-10-10 01:22 11595776 ----a-w- c:\windows\system32\ig7icd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-10 01:22 . 2012-05-16 05:26 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-10 01:22 . 2012-10-10 01:22 755048 ----a-w- c:\windows\system32\igcodeckrng700.bin
2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-09 22:07 . 2012-10-09 22:07 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-10-09 11:52 . 2012-10-20 22:39 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-08 09:42 . 2012-10-08 09:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-08 09:42 . 2012-10-08 09:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-08 09:42 . 2012-10-08 09:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-08 09:42 . 2012-10-08 09:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-08 09:42 . 2012-10-08 09:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\programy\uTorrent\uTorrent.exe" [2012-12-10 969104]
"AdobeBridge"="" [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 fgilwkky;fgilwkky;c:\windows\system32\drivers\fgilwkky.sys [x]
R1 glmptuam;glmptuam;c:\windows\system32\drivers\glmptuam.sys [x]
R1 MpKsl16667cce;MpKsl16667cce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E980822C-849E-48FC-9628-2A664BD376D4}\MpKsl16667cce.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-04-28 36480]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-04-28 341120]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-04-28 111232]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2012-04-28 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-04-28 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2012-04-28 281472]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-11-15 313960]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2012-08-07 35112]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-07 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-10-07 39008]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-09 283200]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-04-28 119424]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-17 198784]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
S2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 US_ApacheS1;US_ApacheS1;d:\programy\UniServer\usr\local\apache2\bin\httpd1.exe [2012-08-18 22016]
S2 US_MySQLS1;US_MySQLS1;d:\programy\UniServer\usr\local\mysql\bin\mysqld1.exe [2012-09-29 8197120]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2011-03-25 81008]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-04-28 163456]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-10-07 30816]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-04-28 30848]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-28 31088]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-01-15 208168]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2009-11-25 38992]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-07 12:01]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-07 12:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyServer = http=
LSP: d:\programy\WMware player\vsocklib.dll
TCP: DhcpNameServer = 46.253.96.67 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-757641336-1295543811-1564917729-1000\Software\SecuROM\License information*]
"datasecu"=hex:95,f7,ff,34,e4,21,2b,2d,5a,80,9d,65,d9,8f,7a,b6,57,60,de,af,22,
cf,2a,2a,3a,13,86,25,e8,c8,6b,5f,2f,86,a9,f6,34,be,62,33,04,42,64,1e,48,ae,\
"rkeysecu"=hex:e2,8a,5c,b8,a0,a1,60,0d,b8,51,ab,5c,7c,2f,cd,02
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\vmnat.exe
c:\windows\SysWOW64\vmnetdhcp.exe
d:\programy\WMware player\vmware-authd.exe
c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\lenovo\lenovo solution center\lsc.exe
.
**************************************************************************
.
Celkový čas: 2012-12-12 14:42:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-12 13:42
.
Před spuštěním: Volných bajtů: 105 783 214 080
Po spuštění: Volných bajtů: 105 996 513 280
.
- - End Of File - - FB1389131D81AFD38F6AF424C39E41C1
Last edited by vyosek on 12 Dec 2012 14:54, edited 1 time in total.
Reason: log removed from code

JaRon
Moderator
Posts: 15654
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU sometimes at 100%, RAM usage unstable

#3 Post by JaRon »

jamamoto, you know Japanese :???: ... and you use CF even though you don't know what it can do :???:
Follow these instructions:
1/ start Task Manager and leave it running - key combination Ctrl+Alt+Delete or Ctrl+Shift+Esc
2/ find "C:\Windows\SysWOW64\igfxupdate.exe" and delete it
3/ Start -> Run - type services.msc -> Enter
4/ find the Search Indexer service -> right-click -> in the drop-down where it says "Automatic", change it to "Disable" ("Zakázáno")
5/ restart
6/ Start -> Run - type cmd -> right-click - Run as Administrator
7/ in the black window type sc delete SearchIndexer -> Enter


If you can't find something, continue with the next step.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

blackpuffle
Visitor
Posts: 117
Joined: 28 Oct 2011 11:40

Re: CPU sometimes at 100%, RAM usage unstable

#4 Post by blackpuffle »

Everything is done as you wrote. SearchIndexer was removed successfully. It is somewhat better. I also noticed that my HDD keeps working even when I'm not doing anything (it sort of creaks, I don't know how to describe the sound :) )
I'm attaching a screenshot of the CPU and RAM.
screen.png (140.32 KiB) Viewed 4300 times
I don't speak Japanese, why?
I used CF because last time, when I asked about a BSOD, you wanted the log. It occurred to me that you might want it again. What did I do wrong, or what can CF actually do? So that I don't repeat the mistake.
What did SearchIndexer do, and what was the file I was supposed to remove for?

JaRon
Moderator
Posts: 15654
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU sometimes at 100%, RAM usage unstable

#5 Post by JaRon »

It was junk, but you're not clean yet :)
Scan the PC with MBAM - full scan

blackpuffle
Visitor
Posts: 117
Joined: 28 Oct 2011 11:40

Re: CPU sometimes at 100%, RAM usage unstable

#6 Post by blackpuffle »

I found: http://forum.viry.cz/viewtopic.php?t=115222
Which scan should I run once I've installed it?

tuvok07
Friend of the forum
Posts: 1198
Joined: 07 Mar 2007 17:10

Re: CPU sometimes at 100%, RAM usage unstable

#7 Post by tuvok07 »

Jaron wrote: the full one
Albert Einstein: Only two things are infinite - the universe and human stupidity. And I'm not so sure about the former.

blackpuffle
Visitor
Posts: 117
Joined: 28 Oct 2011 11:40

Re: CPU sometimes at 100%, RAM usage unstable

#8 Post by blackpuffle »

MG, I'm blind :D.. Anyway, the full scan has been running for 26 minutes already and I'm still on C: (51.5 GB used). I hope D: (400 GB used) won't take long..

blackpuffle
Visitor
Posts: 117
Joined: 28 Oct 2011 11:40

Re: CPU sometimes at 100%, RAM usage unstable

#9 Post by blackpuffle »

Here is the log:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.12.12.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Slavca :: ANONYM-PC [administrátor]

Ochrana: Povolena

12.12.2012 15:36:56
mbam-log-2012-12-12 (16-37-35).txt

Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 445370
Uplynulý čas: 53 minut, 21 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\Qoobox\Quarantine\C\Windows\SysWOW64\msvfd32.exe.vir (Trojan.Clicker.CT) -> Žádná instrukce nebyla provedena.
D:\Programy\Cain & Abel\Abel.exe (HackTool.Cain) -> Žádná instrukce nebyla provedena.
D:\Programy\Cain & Abel\Abel64.exe (HackTool.Cain) -> Žádná instrukce nebyla provedena.
D:\Programy\Cain & Abel\Cain.exe (PUP.Passwordtool.Cain) -> Žádná instrukce nebyla provedena.

(konec)

JaRon
Moderator
Posts: 15654
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU sometimes at 100%, RAM usage unstable

#10 Post by JaRon »

Let MBAM remove what it found - restart and write whether there are any problems :???:
If so, post an RSIT log - I'll look at it in the morning :)

blackpuffle
Visitor
Posts: 117
Joined: 28 Oct 2011 11:40

Re: CPU sometimes at 100%, RAM usage unstable

#11 Post by blackpuffle »

It seems a lot better to me. The laptop is no longer as warm as it was. But sometimes it seems to me that the fan speeds up out of nowhere, even when I'm not doing anything.
RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Slavca at 2012-12-12 17:02:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 101 GB (66%) free of 154 GB
Total RAM: 8094 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:28, on 12.12.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
D:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Programy\uTorrent\uTorrent.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Slavca.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKCU\..\Run: [uTorrent] "D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-21-757641336-1295543811-1564917729-1000\..\Run: [uTorrent] "D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED (User '?')
O4 - HKUS\S-1-5-21-757641336-1295543811-1564917729-1000\..\Run: [AdobeBridge] (User '?')
O4 - HKUS\S-1-5-21-757641336-1295543811-1564917729-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-757641336-1295543811-1564917729-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: d:\programy\wmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: d:\programy\wmware player\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - D:\Programy\WMware player\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: US_ApacheS1 - Apache Software Foundation - D:\Programy\UniServer\usr\local\apache2\bin\httpd1.exe
O23 - Service: US_MySQLS1 - Unknown owner - D:\Programy\UniServer\usr\local\mysql\bin\mysqld1.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Programy\WMware player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10073 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
taskeng.exe {4C436254-C4E8-4942-BF46-65A7894CE2A6}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"D:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"D:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\System32\tcpsvcs.exe
"D:\Programy\UniServer\usr\local\apache2\bin\httpd1.exe" -k runservice
"D:\Programy\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
D:\Programy\UniServer\usr\local\mysql\bin\mysqld1.exe --defaults-file=D:\Programy\UniServer\usr\local\mysql\my.ini US_MySQLS1
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
D:\Programy\UniServer\usr\local\apache2\bin\httpd1.exe -d D:/Programy/UniServer/usr/local/apache2 -f D:\Programy\UniServer\usr\local\apache2\conf\httpd.conf
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"D:\Programy\WMware player\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
taskeng.exe {1DA7E25F-3792-486E-AACC-54BA8CE7D8E7}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/9/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1372.0.1686477977\206807670" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1372.1.1693119554\748978487" --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/9/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="1372.2.1111740452\1601033081" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/9/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="1372.3.6719564\1441789015" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Slavca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll" --lang=cs --channel="1372.4.1930579064\967664893" /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1372.5.1782802022\1631338516" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="1372.6.678777398\899967585" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1372.7.349307490\852022141" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"D:\Profil\Plocha\Dokumenty\Programy\RSITx64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Programy\LibreOffice 3\bin\ssv.dll [2012-11-15 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Programy\LibreOffice 3\bin\jp2ssv.dll [2012-11-15 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-30 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28 52352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-30 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-10 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-10 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-10 441888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=D:\Programy\uTorrent\uTorrent.exe [2012-12-10 969104]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\331BigDog]
C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2011-11-24 548864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [2012-04-28 801920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [2012-04-28 1022592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Auto Hide IP]
D:\Programy\AutoHideIP\AutoHideIP.exe [2010-05-31 2436952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cAudioFilterAgent]
C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2011-12-15 564352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ComplexWebServer]
D:\programy\ComplexWebServer\bin\ServiceDirect.exe /RUNHIDE /CONF=D:\programy\ComplexWebServer\bin\ServiceDirect.conf []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programy\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2]
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-12-20 507744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-10-07 8079408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EnergyUtility]
C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-10-07 6202416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2012-01-16 2809856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide IP Easy]
D:\Programy\HideIPEasy\HideIPEasy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide IP Platinum]
D:\Programy\Hide IP Platinum\hideippla.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-10-10 399392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-10-10 171040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LockKey]
C:\Program Files (x86)\LockKey\LockKey.exe [2011-08-25 337776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Oracle Java]
C:\Windows\system32\javaw.exe [2012-11-15 189416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-10-10 441888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17420464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SACpl.exe [2011-12-06 1654400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePRCShortCut]
C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
D:\Programy\Tor\Vidalia\vidalia.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
D:\Programy\WMware player\hqtray.exe [2011-03-25 64112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage]
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28 136488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-28 228448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe [2012-02-01 1380128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk]
C:\PROGRA~1\WESTER~1\WDSMAR~1\WDDRIV~1\WDDMST~1.EXE [2010-01-21 2119488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDSmartWare.lnk]
C:\PROGRA~2\WESTER~1\WDSMAR~1\FRONTP~1\WDSMAR~1.EXE [2010-01-21 9136960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Slavca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Slavca\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-05-24 27112840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Slavca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
D:\Programy\Xfire\Xfire.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-10 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-12-12 17:02:21 ----D---- C:\Program Files\trend micro
2012-12-12 17:02:20 ----D---- C:\rsit
2012-12-12 15:29:18 ----D---- C:\Users\Slavca\AppData\Roaming\Malwarebytes
2012-12-12 15:29:09 ----D---- C:\ProgramData\Malwarebytes
2012-12-12 15:29:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-12-12 14:42:14 ----A---- C:\ComboFix.txt
2012-12-12 14:29:17 ----D---- C:\$RECYCLE.BIN
2012-12-12 14:11:49 ----A---- C:\Windows\zip.exe
2012-12-12 14:11:49 ----A---- C:\Windows\SWSC.exe
2012-12-12 14:11:49 ----A---- C:\Windows\SWREG.exe
2012-12-12 14:11:49 ----A---- C:\Windows\sed.exe
2012-12-12 14:11:49 ----A---- C:\Windows\PEV.exe
2012-12-12 14:11:49 ----A---- C:\Windows\NIRCMD.exe
2012-12-12 14:11:49 ----A---- C:\Windows\MBR.exe
2012-12-12 14:11:49 ----A---- C:\Windows\grep.exe
2012-12-11 21:59:14 ----D---- C:\Windows\Minidump
2012-12-10 21:52:52 ----D---- C:\Windows\SYSWOW64\directx
2012-12-10 12:08:17 ----D---- C:\ProgramData\Orbit
2012-12-10 12:06:19 ----D---- C:\Program Files (x86)\Ubisoft
2012-12-08 15:07:47 ----A---- C:\Windows\system32\SearchIndexer.dll
2012-12-08 15:07:47 ----A---- C:\Windows\system32\SearchEngine.dat
2012-12-04 11:54:45 ----D---- C:\Users\Slavca\AppData\Roaming\dist8
2012-12-02 10:28:06 ----D---- C:\Users\Slavca\AppData\Roaming\GameMaker-Studio
2012-11-27 19:44:55 ----D---- C:\ProgramData\Conexant
2012-11-27 18:18:40 ----D---- C:\Záloha
2012-11-24 21:58:16 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2012-11-24 21:48:09 ----AH---- C:\Windows\system32\hamachi.sys
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\zh-TW
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\zh-CN
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\tr-TR
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\th-TH
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\sv-SE
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\ru-RU
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\ro-RO
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\pt-PT
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\pt-BR
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\pl-PL
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\nl-NL
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\nb-NO
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\ko-KR
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\ja-JP
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\it-IT
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\hu-HU
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\he-IL
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\fr-FR
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\fi-FI
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\es-ES
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\el-GR
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\de-DE
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\da-DK
2012-11-24 21:44:56 ----D---- C:\Windows\system32\drivers\ar-SA
2012-11-24 21:44:56 ----D---- C:\Program Files (x86)\Windows Virtual PC
2012-11-24 21:01:40 ----A---- C:\Windows\system32\vpchbuspipe.dll
2012-11-24 21:01:33 ----A---- C:\Windows\system32\drivers\vpchbus.sys
2012-11-24 21:01:33 ----A---- C:\Windows\system32\drivers\vpcusb.sys
2012-11-24 21:01:31 ----A---- C:\Windows\SYSWOW64\vmsal.exe
2012-11-24 21:01:31 ----A---- C:\Windows\system32\VPCWizard.exe
2012-11-24 21:01:31 ----A---- C:\Windows\system32\VPCSettings.exe
2012-11-24 21:01:31 ----A---- C:\Windows\system32\vpc.exe
2012-11-24 21:01:31 ----A---- C:\Windows\system32\VMWindow.exe
2012-11-24 21:01:31 ----A---- C:\Windows\system32\vmsal.exe
2012-11-24 21:01:31 ----A---- C:\Windows\system32\VMCPropertyHandler.dll
2012-11-24 21:01:31 ----A---- C:\Windows\system32\drivers\vpcvmm.sys
2012-11-24 21:01:31 ----A---- C:\Windows\system32\drivers\vpcnfltr.sys
2012-11-24 14:31:43 ----D---- C:\ProgramData\Tarma Installer
2012-11-24 14:31:30 ----D---- C:\Program Files (x86)\Anon
2012-11-23 21:39:15 ----D---- C:\Program Files (x86)\NCT
2012-11-23 21:13:22 ----D---- C:\Users\Slavca\AppData\Roaming\Reallusion
2012-11-23 21:10:55 ----D---- C:\ProgramData\Reallusion
2012-11-23 21:10:26 ----D---- C:\Program Files (x86)\Reallusion
2012-11-22 22:42:26 ----D---- C:\ProgramData\Advanced Chemistry Development
2012-11-19 19:46:17 ----D---- C:\ProgramData\Energy Management
2012-11-17 14:49:40 ----D---- C:\Users\Slavca\AppData\Roaming\Mumble
2012-11-17 10:54:14 ----A---- C:\Windows\SYSWOW64\NCTTextToAudio.dll
2012-11-17 10:54:14 ----A---- C:\Windows\SYSWOW64\NCTAudioFile.dll
2012-11-17 10:54:14 ----A---- C:\Windows\SYSWOW64\lame_enc.dll
2012-11-17 10:27:45 ----D---- C:\Users\Slavca\AppData\Roaming\Screaming Bee
2012-11-17 10:26:37 ----D---- C:\ProgramData\Screaming Bee
2012-11-17 10:02:27 ----D---- C:\Users\Slavca\AppData\Roaming\Audacity
2012-11-15 12:31:02 ----A---- C:\Windows\system32\javaws.exe
2012-11-15 12:30:56 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2012-11-15 12:30:56 ----A---- C:\Windows\system32\javaw.exe
2012-11-15 12:30:56 ----A---- C:\Windows\system32\java.exe
2012-11-15 12:28:46 ----A---- C:\Windows\system32\deployJava1.dll
2012-11-15 12:28:45 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-11-15 10:05:56 ----RA---- C:\Windows\SYSWOW64\psfind.dll
2012-11-14 21:21:34 ----D---- C:\Users\Slavca\AppData\Roaming\Xfire
2012-11-14 17:01:47 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-14 17:01:47 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-14 17:01:47 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-14 16:55:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-11-14 16:55:51 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-14 16:55:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-11-14 16:55:50 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-11-14 16:55:50 ----A---- C:\Windows\system32\ieui.dll
2012-11-14 16:55:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-11-14 16:55:49 ----A---- C:\Windows\SYSWOW64\url.dll
2012-11-14 16:55:49 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-11-14 16:55:49 ----A---- C:\Windows\system32\url.dll
2012-11-14 16:55:49 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-14 16:55:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-11-14 16:55:48 ----A---- C:\Windows\system32\urlmon.dll
2012-11-14 16:55:48 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-14 16:55:48 ----A---- C:\Windows\system32\jscript9.dll
2012-11-14 16:55:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-11-14 16:55:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-11-14 16:55:47 ----A---- C:\Windows\system32\wininet.dll
2012-11-14 16:55:47 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-14 16:55:46 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-11-14 16:55:46 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-11-14 16:55:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-11-14 16:55:46 ----A---- C:\Windows\system32\vbscript.dll
2012-11-14 16:55:46 ----A---- C:\Windows\system32\jscript.dll
2012-11-14 16:55:46 ----A---- C:\Windows\system32\iertutil.dll
2012-11-14 16:55:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-11-14 16:55:44 ----A---- C:\Windows\system32\mshtml.dll
2012-11-14 16:55:43 ----A---- C:\Windows\system32\ieframe.dll
2012-11-14 16:55:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-11-14 16:51:19 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-14 16:51:19 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-14 16:51:19 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-14 16:51:18 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-14 16:51:16 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-14 16:51:16 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-14 16:51:16 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-14 11:28:21 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-14 11:28:20 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2012-11-14 11:28:20 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2012-11-14 11:28:20 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2012-11-14 11:28:20 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-14 11:28:20 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-14 11:28:20 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-14 11:28:20 ----A---- C:\Windows\system32\ncsi.dll
2012-11-14 11:28:20 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-14 11:28:20 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-14 11:28:19 ----A---- C:\Windows\SYSWOW64\netevent.dll
2012-11-14 11:28:19 ----A---- C:\Windows\system32\netevent.dll
2012-11-14 11:26:49 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2012-11-14 11:26:49 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2012-11-14 11:26:49 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-14 11:26:49 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-14 11:26:47 ----A---- C:\Windows\system32\win32k.sys
2012-11-14 10:55:57 ----A---- C:\Windows\SYSWOW64\synceng.dll
2012-11-14 10:55:57 ----A---- C:\Windows\system32\synceng.dll
2012-11-14 10:47:03 ----D---- C:\ProgramData\PopCap Games
2012-11-13 19:44:38 ----A---- C:\Windows\SYSWOW64\Access.dat
2012-11-13 19:38:16 ----D---- C:\Users\Slavca\AppData\Roaming\Tunngle
2012-11-13 19:38:16 ----D---- C:\ProgramData\Tunngle
2012-11-13 19:38:10 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2012-11-13 19:34:09 ----D---- C:\Users\Slavca\AppData\Roaming\Hamachi

======List of files/folders modified in the last 1 month======

2012-12-12 17:02:21 ----RD---- C:\Program Files
2012-12-12 17:02:18 ----D---- C:\Windows\temp
2012-12-12 17:02:01 ----A---- C:\Windows\SYSWOW64\log.txt
2012-12-12 17:00:07 ----D---- C:\Users\Slavca\AppData\Roaming\uTorrent
2012-12-12 16:59:47 ----D---- C:\ProgramData\VMware
2012-12-12 16:58:28 ----D---- C:\Users\Slavca\AppData\Roaming\AIMP3
2012-12-12 15:29:09 ----D---- C:\ProgramData
2012-12-12 15:29:07 ----D---- C:\Windows\system32\drivers
2012-12-12 15:07:38 ----D---- C:\Windows\system32\config
2012-12-12 15:05:08 ----D---- C:\Windows\SysWOW64
2012-12-12 14:42:24 ----D---- C:\Qoobox
2012-12-12 14:29:29 ----D---- C:\Windows
2012-12-12 14:29:29 ----A---- C:\Windows\system.ini
2012-12-12 14:29:16 ----D---- C:\Windows\system32\drivers\etc
2012-12-12 14:27:06 ----D---- C:\Windows\erdnt
2012-12-12 14:23:00 ----RD---- C:\Program Files (x86)
2012-12-12 14:21:56 ----D---- C:\Windows\system
2012-12-12 14:18:01 ----D---- C:\Windows\SYSWOW64\drivers
2012-12-12 14:18:01 ----D---- C:\Windows\AppPatch
2012-12-12 14:18:00 ----D---- C:\Program Files (x86)\Common Files
2012-12-12 14:00:53 ----RSD---- C:\Windows\assembly
2012-12-12 14:00:17 ----SHD---- C:\Windows\Installer
2012-12-12 14:00:00 ----SHD---- C:\System Volume Information
2012-12-12 13:59:00 ----D---- C:\Windows\Tasks
2012-12-12 13:59:00 ----D---- C:\Windows\system32\Tasks
2012-12-11 22:11:22 ----AD---- C:\Windows\System32
2012-12-11 22:08:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-11 22:06:24 ----D---- C:\Windows\Prefetch
2012-12-11 22:04:07 ----D---- C:\Program Files (x86)\VstPlugins
2012-12-11 22:01:12 ----D---- C:\Windows\pss
2012-12-11 22:00:58 ----D---- C:\Users\Slavca\AppData\Roaming\Dropbox
2012-12-11 12:26:05 ----D---- C:\Programy
2012-12-10 19:54:12 ----D---- C:\Users\Slavca\AppData\Roaming\Skype
2012-12-10 12:06:28 ----D---- C:\Windows\system32\LogFiles
2012-12-09 16:41:24 ----D---- C:\Users\Slavca\AppData\Roaming\Mikrotik
2012-12-09 13:04:51 ----D---- C:\Windows\Logs
2012-12-08 15:09:12 ----D---- C:\Users\Slavca\AppData\Roaming\Publish Providers
2012-12-08 15:07:42 ----D---- C:\Users\Slavca\AppData\Roaming\PSpad
2012-12-08 15:02:18 ----D---- C:\Users\Slavca\AppData\Roaming\AutoHideIP
2012-12-08 14:49:03 ----D---- C:\Users\Slavca\AppData\Roaming\vlc
2012-12-08 14:02:46 ----D---- C:\Users\Slavca\AppData\Roaming\Macromedia
2012-12-07 16:46:18 ----D---- C:\Users\Slavca\AppData\Roaming\Lenovo
2012-12-04 11:55:08 ----D---- C:\Windows\LiveKernelReports
2012-12-02 12:02:30 ----D---- C:\ProgramData\Adobe
2012-12-02 10:31:07 ----SD---- C:\Users\Slavca\AppData\Roaming\Microsoft
2012-12-01 14:25:12 ----D---- C:\Windows\system32\catroot2
2012-11-28 23:04:09 ----D---- C:\Windows\rescache
2012-11-28 03:00:43 ----D---- C:\Windows\winsxs
2012-11-28 00:17:54 ----D---- C:\Windows\system32\catroot
2012-11-26 21:58:16 ----D---- C:\Program Files (x86)\Google
2012-11-25 16:47:05 ----D---- C:\Windows\inf
2012-11-25 16:47:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\zh-TW
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\zh-CN
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\tr-TR
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\th-TH
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\sv-SE
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\ru-RU
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\ro-RO
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\pt-PT
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\pt-BR
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\pl-PL
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\nl-NL
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\nb-NO
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\ko-KR
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\ja-JP
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\it-IT
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\hu-HU
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\he-IL
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\fr-FR
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\fi-FI
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\es-ES
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\en-US
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\el-GR
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\de-DE
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\da-DK
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-11-24 21:45:00 ----D---- C:\Windows\SYSWOW64\ar-SA
2012-11-24 21:45:00 ----D---- C:\Windows\system32\zh-TW
2012-11-24 21:45:00 ----D---- C:\Windows\system32\tr-TR
2012-11-24 21:45:00 ----D---- C:\Windows\system32\pt-PT
2012-11-24 21:45:00 ----D---- C:\Windows\system32\pt-BR
2012-11-24 21:45:00 ----D---- C:\Windows\system32\nl-NL
2012-11-24 21:45:00 ----D---- C:\Windows\system32\ja-JP
2012-11-24 21:45:00 ----D---- C:\Windows\system32\it-IT
2012-11-24 21:45:00 ----D---- C:\Windows\system32\fr-FR
2012-11-24 21:45:00 ----D---- C:\Windows\system32\fi-FI
2012-11-24 21:45:00 ----D---- C:\Windows\system32\el-GR
2012-11-24 21:45:00 ----D---- C:\Windows\system32\de-DE
2012-11-24 21:44:59 ----D---- C:\Windows\system32\ro-RO
2012-11-24 21:44:59 ----D---- C:\Windows\system32\nb-NO
2012-11-24 21:44:59 ----D---- C:\Windows\system32\ko-KR
2012-11-24 21:44:59 ----D---- C:\Windows\system32\en-US
2012-11-24 21:44:59 ----D---- C:\Windows\system32\drivers\en-US
2012-11-24 21:44:59 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-24 21:44:59 ----D---- C:\Windows\system32\da-DK
2012-11-24 21:44:59 ----D---- C:\Windows\system32\cs-CZ
2012-11-24 21:44:59 ----D---- C:\Windows\system32\ar-SA
2012-11-24 21:44:58 ----D---- C:\Windows\system32\th-TH
2012-11-24 21:44:58 ----D---- C:\Windows\system32\pl-PL
2012-11-24 21:44:58 ----D---- C:\Windows\system32\hu-HU
2012-11-24 21:44:57 ----D---- C:\Windows\system32\zh-CN
2012-11-24 21:44:57 ----D---- C:\Windows\system32\sv-SE
2012-11-24 21:44:57 ----D---- C:\Windows\system32\ru-RU
2012-11-24 21:44:57 ----D---- C:\Windows\system32\he-IL
2012-11-24 21:44:57 ----D---- C:\Windows\system32\es-ES
2012-11-24 21:44:56 ----D---- C:\Windows\system32\DriverStore
2012-11-24 13:35:20 ----D---- C:\Users\Slavca\AppData\Roaming\VMware
2012-11-23 12:22:23 ----D---- C:\Windows\system32\wdi
2012-11-21 19:29:22 ----D---- C:\Windows\debug
2012-11-19 18:38:37 ----D---- C:\Windows\Microsoft.NET
2012-11-15 12:18:52 ----D---- C:\Windows\ShellNew
2012-11-15 12:18:12 ----RSD---- C:\Windows\Fonts
2012-11-14 20:35:47 ----SD---- C:\ProgramData\Microsoft
2012-11-14 17:11:58 ----D---- C:\Windows\SYSWOW64\NV
2012-11-14 17:11:57 ----D---- C:\Windows\system32\NV
2012-11-14 17:11:56 ----D---- C:\ProgramData\NVIDIA
2012-11-14 17:09:27 ----D---- C:\Windows\system32\wbem
2012-11-14 17:09:26 ----D---- C:\Windows\SYSWOW64\migration
2012-11-14 17:09:26 ----D---- C:\Windows\system32\migration
2012-11-14 17:09:26 ----D---- C:\Program Files\Internet Explorer
2012-11-14 17:09:26 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-14 16:59:57 ----D---- C:\Program Files\NVIDIA Corporation
2012-11-14 16:55:36 ----D---- C:\Program Files (x86)\Intel
2012-11-14 16:52:17 ----A---- C:\Windows\system32\MRT.exe
2012-11-13 20:13:09 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2012-10-07 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-10-07 560184]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-09 283200]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-07-22 66304]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-07-22 358144]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2011-03-25 38512]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys [2011-03-25 81008]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2011-03-25 45104]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2011-03-25 30320]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2011-03-25 68720]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\D:\Programy\WMware player\vstor2-ws60.sys [2010-08-19 32816]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2012-10-07 30816]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-04-28 30848]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-01-28 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2012-01-31 1601152]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-01-15 208168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2009-11-26 38992]
R3 vm331avs;Digital Camera 1; C:\Windows\System32\Drivers\vm331avs.sys [2011-12-06 952832]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2011-03-25 31856]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-07-22 187904]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-07-22 95232]
S1 fgilwkky;fgilwkky; \??\C:\Windows\system32\drivers\fgilwkky.sys []
S1 glmptuam;glmptuam; \??\C:\Windows\system32\drivers\glmptuam.sys []
S1 MpKsl16667cce;MpKsl16667cce; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E980822C-849E-48FC-9628-2A664BD376D4}\MpKsl16667cce.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-04-28 36480]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-10-27 4746304]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-04-28 341120]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-04-28 111232]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-04-28 168064]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-04-28 68736]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-04-28 281472]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2012-02-02 211496]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RTSUVSTOR.sys [2011-11-15 313960]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2012-08-07 35112]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2011-03-25 20016]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-04-28 119424]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-02-01 945440]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-28 277784]
R2 MBAMService;MBAMService; D:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 MBAMScheduler;MBAMScheduler; D:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-08 1258856]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
R2 US_ApacheS1;US_ApacheS1; D:\Programy\UniServer\usr\local\apache2\bin\httpd1.exe [2012-08-18 22016]
R2 US_MySQLS1;US_MySQLS1; D:\Programy\UniServer\usr\local\mysql\bin\mysqld1.exe [2012-09-29 8197120]
R2 VMAuthdService;VMware Authorization Service; D:\Programy\WMware player\vmware-authd.exe [2011-03-25 113264]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2011-03-25 334448]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2011-03-25 404080]
R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-07 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-07 136176]
S3 ufad-ws60;VMware Agent Service; D:\Programy\WMware player\vmware-ufad.exe [2010-08-19 191024]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 81920]

-----------------EOF-----------------

JaRon
Moderator
Moderator
Posts: 15654
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU sometimes at 100%, RAM usage unstable

#12 Post by JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

blackpuffle
Visitor
Visitor
Posts: 117
Joined: 28 Oct 2011 11:40

Re: CPU sometimes at 100%, RAM usage unstable

#13 Post by blackpuffle »

Here:
RogueKiller V8.4.0 [Dec 12 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Slavca [Práva správce]
Mód : Kontrola -- Datum : 12/12/2012 21:59:43

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[TASK][SUSP PATH] Launcher : "D:\Profil\Plocha\Dokumenty\Projekty\GM Project\SkyNet System\SkyNet System.exe" -> NALEZENO
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 819f2b6ddb94dd836e5c2767ca3ea830
[BSP] 613abe43204c404f43cbf2aae7f7181d : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 153813 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 315420672 | Size: 799854 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WD My Book 1110 USB Device +++++
--- User ---
[MBR] ef741b957ea61dab3f4fdaa98ecbd5f8
[BSP] 3fa53b4bb0f79e5d20cfb71a742f2ce6 : Linux MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953196 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_12122012_02d2159.txt >>
RKreport[1]_S_12122012_02d2159.txt

JaRon
Moderator
Moderator
Posts: 15654
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU sometimes at 100%, RAM usage unstable

#14 Post by JaRon »

Move ComboFix to the desktop (if it is not there already).

Open Notepad.

Copy the script from the following box into it:

Driver::
fgilwkky
glmptuam

Save the resulting text file to the desktop as CFScript.txt.

After saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there.

After it has run, another log should be created; paste it here :)

+ Test D:\Profil\Plocha\Dokumenty\Projekty\GM Project\SkyNet System\SkyNet System.exe at www.virustotal.com
If at least 3 AVs flag it as infected, DELETE it.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
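
The two driver names in the CFScript above can be picked out of the RSIT driver list mechanically. This Python example is added here and is not part of the original posts or of RSIT or ComboFix; the classification rule (stopped boot/system-start driver, empty file info, no descriptive display name), the tool-directory list and all function names are assumptions made for illustration.

```python
import re
from typing import Dict, NamedTuple, Optional

# Excerpt of driver lines taken from the RSIT log posted earlier in this thread.
RSIT_DRIVERS = r"""
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-10-07 560184]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-29 25928]
S1 fgilwkky;fgilwkky; \??\C:\Windows\system32\drivers\fgilwkky.sys []
S1 glmptuam;glmptuam; \??\C:\Windows\system32\drivers\glmptuam.sys []
S1 MpKsl16667cce;MpKsl16667cce; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E980822C-849E-48FC-9628-2A664BD376D4}\MpKsl16667cce.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
"""

# "<R|S><start type> <service name>;<display name>; <image path> [<date size>]"
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) "
    r"(?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?P<info>[^\]]*)\]$"
)

# Assumption: directories where security tools drop short-lived drivers.
# Both appear in the log above; extend the tuple for other tools.
TOOL_DIRS = (
    "\\combofix\\",
    "\\microsoft antimalware\\definition updates\\",
)


class Driver(NamedTuple):
    running: bool
    start: int       # 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled
    name: str
    display: str
    path: str
    file_info: str   # "" when RSIT printed "[]" (no date/size for the file)


def parse_driver_line(line: str) -> Optional[Driver]:
    """Parse one RSIT driver line; return None for headings and blank lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m["path"]
    if path.startswith("\\??\\"):      # drop the NT object-namespace prefix
        path = path[4:]
    return Driver(
        running=m["state"] == "R",
        start=int(m["start"]),
        name=m["name"].strip(),
        display=m["display"].strip(),
        path=path,
        file_info=m["info"].strip(),
    )


def classify(d: Driver) -> str:
    """Assumed triage rule, not the helper's stated reasoning."""
    if d.file_info:
        return "ok"                     # file metadata was readable
    low = d.path.lower()
    if any(t in low for t in TOOL_DIRS):
        return "tool-temporary"         # scanner helper driver, removed after use
    if not d.running and d.start in (0, 1) and d.name == d.display:
        return "review-first"           # early-start entry, no file, no description
    return "orphaned"                   # demand-start leftover of removed software


def triage(log: str) -> Dict[str, str]:
    """Map each service name in an RSIT driver list to its verdict."""
    verdicts = {}
    for line in log.splitlines():
        d = parse_driver_line(line)
        if d is not None:
            verdicts[d.name] = classify(d)
    return verdicts


if __name__ == "__main__":
    for name, verdict in triage(RSIT_DRIVERS).items():
        if verdict != "ok":
            print(f"{verdict:15} {name}")
```

A "review-first" verdict only marks a registry entry for a human to look at; it says nothing about whether the entry came from malware or from a scanner that left its service key behind.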

blackpuffle
Visitor
Visitor
Posts: 117
Joined: 28 Oct 2011 11:40

Re: CPU sometimes at 100%, RAM usage unstable

#15 Post by blackpuffle »

D:\Profil\Plocha\Dokumenty\Projekty\GM Project\SkyNet System\SkyNet System.exe - this file is not there, there is only SkyNet System.gmk (it is not a virus, it is a project I am working on, I know the entire source code. Maybe it is reported as a virus because it has writing to the registry built in ;) )

Otherwise, the new log from CF:
ComboFix 12-12-12.01 - Slavca 13.12.2012 14:44:45.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8094.5724 [GMT 1:00]
Spuštěný z: d:\profil\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\profil\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\tmpA171.tmp
c:\windows\SysWow64\tmpA1A1.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_fgilwkky
-------\Service_glmptuam
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-13 do 2012-12-13 )))))))))))))))))))))))))))))))
.
.
2012-12-13 13:49 . 2012-12-13 13:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-13 13:49 . 2012-12-13 13:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-13 13:49 . 2012-12-13 13:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-13 09:16 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FDC486E4-DD04-47BB-9E5E-2B02E007EED2}\mpengine.dll
2012-12-12 23:03 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-12 23:03 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-12 20:40 . 2012-12-12 20:40 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-12-12 20:40 . 2012-12-12 20:40 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-12-12 20:40 . 2012-12-12 20:40 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-12-12 20:40 . 2012-12-12 20:40 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-12-12 20:40 . 2012-12-12 20:40 -------- d-----w- c:\program files (x86)\OpenAL
2012-12-12 16:02 . 2012-12-12 16:02 -------- d-----w- c:\program files\trend micro
2012-12-12 16:02 . 2012-12-12 16:02 -------- d-----w- C:\rsit
2012-12-12 14:29 . 2012-12-12 14:29 -------- d-----w- c:\users\Slavca\AppData\Roaming\Malwarebytes
2012-12-12 14:29 . 2012-12-12 14:29 -------- d-----w- c:\programdata\Malwarebytes
2012-12-12 14:29 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-12 13:45 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-10 11:08 . 2012-12-11 17:20 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-10 11:08 . 2012-12-10 11:08 -------- d-----w- c:\users\Slavca\AppData\Local\PunkBuster
2012-12-10 11:08 . 2012-12-10 11:08 -------- d-----w- c:\programdata\Orbit
2012-12-10 11:06 . 2012-12-11 17:18 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-10 11:06 . 2012-12-12 13:00 -------- d-----w- c:\program files (x86)\Ubisoft
2012-12-09 15:46 . 2012-12-09 15:46 -------- d-----w- c:\users\Slavca\AppData\Local\GameMaker8.1
2012-12-09 12:18 . 2012-12-09 12:18 -------- d-----w- c:\users\Slavca\AppData\Local\Activision
2012-12-08 14:07 . 2012-12-08 16:21 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-12-08 14:07 . 2012-12-08 16:21 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-12-08 14:07 . 2012-12-08 16:21 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-12-07 11:45 . 2012-12-07 11:45 -------- d-----w- c:\users\Slavca\AppData\Local\Programs
2012-12-04 10:54 . 2012-12-04 10:54 -------- d-----w- c:\users\Slavca\AppData\Roaming\dist8
2012-12-02 09:31 . 2012-12-02 09:31 -------- d-----w- c:\users\Slavca\AppData\Local\YoYo_Games_Ltd
2012-12-02 09:31 . 2012-12-02 09:31 -------- d-----w- c:\users\Slavca\AppData\Local\GameMaker-Studio
2012-12-02 09:28 . 2012-12-11 21:06 -------- d-----w- c:\users\Slavca\AppData\Roaming\GameMaker-Studio
2012-11-28 12:01 . 2012-11-28 12:01 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7B71B647-CF88-4505-9451-D305F6E14829}\gapaengine.dll
2012-11-28 05:10 . 2012-11-29 18:53 -------- d-----w- c:\users\Slavca\AppData\Local\Skyrim
2012-11-27 18:44 . 2012-11-27 18:44 -------- d-----w- c:\programdata\Conexant
2012-11-27 18:44 . 2012-11-27 18:44 -------- d-----w- c:\users\Slavca\AppData\Local\Conexant
2012-11-27 17:18 . 2012-11-27 17:18 -------- d-----w- C:\Záloha
2012-11-26 18:38 . 2012-11-26 18:39 -------- d-----w- c:\users\Slavca\AppData\Local\Oblivion
2012-11-25 21:02 . 2012-11-25 21:02 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-11-24 20:48 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-11-24 20:26 . 2012-11-24 20:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-11-24 13:31 . 2012-11-28 22:12 -------- d-----w- c:\programdata\Tarma Installer
2012-11-24 13:31 . 2012-11-24 13:31 -------- d-----w- c:\program files (x86)\Anon
2012-11-23 20:39 . 2012-11-23 20:39 -------- d-----w- c:\program files (x86)\NCT
2012-11-23 20:13 . 2012-11-23 20:13 -------- d-----w- c:\users\Slavca\AppData\Roaming\Reallusion
2012-11-23 20:11 . 2012-11-23 20:11 75 --sh--r- c:\windows\CT6PRET.BIN
2012-11-23 20:10 . 2012-11-23 20:10 -------- d-----w- c:\programdata\Reallusion
2012-11-23 20:10 . 2012-11-23 20:10 -------- d-----w- c:\program files (x86)\Reallusion
2012-11-23 20:10 . 2012-11-23 20:10 -------- d-----w- c:\program files (x86)\Common Files\Reallusion
2012-11-22 21:42 . 2012-11-22 21:42 -------- d-----w- c:\programdata\Advanced Chemistry Development
2012-11-19 23:24 . 2012-11-19 23:24 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-19 23:24 . 2012-11-19 23:24 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-11-19 18:46 . 2012-11-19 18:46 -------- d-----w- c:\programdata\Energy Management
2012-11-19 17:16 . 2012-12-08 14:00 -------- d-----w- c:\users\Slavca\AppData\Local\SKIDROW
2012-11-17 13:49 . 2012-11-17 13:50 -------- d-----w- c:\users\Slavca\AppData\Roaming\Mumble
2012-11-17 13:49 . 2012-11-17 13:49 -------- d-----w- c:\users\Slavca\AppData\Local\Mumble
2012-11-17 09:54 . 2002-12-03 02:10 158208 ----a-w- c:\windows\SysWow64\NCTTextToAudio.dll
2012-11-17 09:54 . 2002-12-03 02:02 491520 ----a-w- c:\windows\SysWow64\NCTAudioFile.dll
2012-11-17 09:54 . 2002-03-19 06:18 120832 ----a-w- c:\windows\SysWow64\lame_enc.dll
2012-11-17 09:27 . 2012-11-17 09:27 -------- d-----w- c:\users\Slavca\AppData\Roaming\Screaming Bee
2012-11-17 09:26 . 2012-11-17 09:27 -------- d-----w- c:\programdata\Screaming Bee
2012-11-17 09:02 . 2012-12-07 22:46 -------- d-----w- c:\users\Slavca\AppData\Roaming\Audacity
2012-11-15 11:31 . 2012-11-15 11:30 289768 ----a-w- c:\windows\system32\javaws.exe
2012-11-15 11:30 . 2012-11-15 11:30 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-11-15 11:30 . 2012-11-15 11:30 189416 ----a-w- c:\windows\system32\javaw.exe
2012-11-15 11:30 . 2012-11-15 11:30 188904 ----a-w- c:\windows\system32\java.exe
2012-11-15 11:28 . 2012-11-15 11:30 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-15 11:28 . 2012-11-15 11:30 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-15 09:05 . 2007-01-01 19:03 40960 ----a-r- c:\windows\SysWow64\psfind.dll
2012-11-15 09:02 . 2006-02-07 14:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2012-11-15 09:02 . 2012-11-15 09:02 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2012-11-15 09:02 . 2012-11-15 09:02 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2012-11-15 09:02 . 2006-02-07 14:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2012-11-15 09:02 . 2006-02-07 14:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2012-11-15 09:02 . 2006-02-07 14:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2012-11-15 09:02 . 2006-02-07 14:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2012-11-15 09:02 . 2005-11-13 22:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-11-14 20:21 . 2012-11-14 20:21 -------- d-----w- c:\users\Slavca\AppData\Roaming\Xfire
2012-11-14 16:01 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-14 16:01 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 16:01 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 16:01 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 15:51 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 15:51 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 15:51 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 15:51 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 15:51 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 15:51 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 15:51 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 12:20 . 2012-11-29 18:43 -------- d-----w- c:\users\Slavca\AppData\Local\LogMeIn Hamachi
2012-11-14 10:28 . 2012-10-03 17:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-14 10:28 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-14 10:28 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-14 10:28 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-14 10:28 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-11-14 10:28 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-14 10:28 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-11-14 10:28 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-11-14 10:28 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-14 10:28 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2012-11-14 10:28 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-14 10:28 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-11-14 10:26 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-14 10:26 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-14 10:26 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-14 10:26 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-11-14 09:55 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 09:55 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 09:47 . 2012-11-14 10:17 -------- d-----w- c:\programdata\PopCap Games
2012-11-13 18:38 . 2012-11-13 18:38 -------- d-----w- c:\users\Slavca\AppData\Roaming\Tunngle
2012-11-13 18:38 . 2012-11-13 18:38 -------- d-----w- c:\programdata\Tunngle
2012-11-13 18:38 . 2009-09-16 06:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2012-11-13 18:34 . 2012-11-13 18:34 -------- d-----w- c:\users\Slavca\AppData\Roaming\Hamachi
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 23:05 . 2012-10-07 14:03 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-10-30 17:13 . 2012-10-30 17:13 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-30 17:13 . 2012-10-09 12:34 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-30 17:13 . 2012-10-09 12:34 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-21 16:26 . 2012-10-21 16:26 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-10-17 05:16 . 2012-10-17 05:16 24920 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2012-10-16 08:38 . 2012-11-27 23:21 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-27 23:21 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-27 23:21 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-13 21:43 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-10-13 21:43 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-10-10 01:22 . 2012-10-10 01:22 80384 ----a-w- c:\windows\system32\igdde64.dll
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-10-10 01:22 . 2012-10-10 01:22 21818368 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2012-10-10 01:22 . 2012-10-10 01:22 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-10-10 01:22 . 2012-10-10 01:22 5903392 ----a-w- c:\windows\system32\GfxUI.exe
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-10-10 01:22 . 2012-10-10 01:22 3776512 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 01:22 . 2012-10-10 01:22 27438080 ----a-w- c:\windows\system32\igdfcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 64512 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-10-10 01:22 . 2012-10-10 01:22 501760 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-10-10 01:22 . 2012-10-10 01:22 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-10-10 01:22 . 2012-10-10 01:22 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-10-10 01:22 . 2012-10-10 01:22 27664896 ----a-w- c:\windows\system32\igdrcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-10-10 01:22 . 2012-03-19 21:22 12836864 ----a-w- c:\windows\system32\igd10umd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 598780 ----a-w- c:\windows\system32\igvpkrng700.bin
2012-10-10 01:22 . 2012-10-10 01:22 330240 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-10-10 01:22 . 2012-10-10 01:22 12604416 ----a-w- c:\windows\system32\igdumd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 56832 ----a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll
2012-10-10 01:22 . 2012-10-10 01:22 441888 ----a-w- c:\windows\system32\igfxpers.exe
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-10-10 01:22 . 2012-10-10 01:22 3582976 ----a-w- c:\windows\system32\igdbcl64.dll
2012-10-10 01:22 . 2012-10-10 01:22 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-10-10 01:22 . 2012-05-16 05:26 56832 ----a-w- c:\windows\system32\OpenCL.dll
2012-10-10 01:22 . 2012-10-10 01:22 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-10-10 01:22 . 2012-10-10 01:22 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-10 01:22 . 2012-10-10 01:22 5343584 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 01:22 . 2012-10-10 01:22 448512 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22 441856 ----a-w- c:\windows\system32\igfxdev.dll
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-10-10 01:22 . 2012-10-10 01:22 399392 ----a-w- c:\windows\system32\hkcmd.exe
2012-10-10 01:22 . 2012-10-10 01:22 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-10-10 01:22 . 2012-10-10 01:22 195584 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-10-10 01:22 . 2012-10-10 01:22 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-10-10 01:22 . 2012-10-10 01:22 116224 ----a-w- c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 01:22 . 2012-10-10 01:22 604160 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22 4571136 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-10-10 01:22 . 2012-10-10 01:22 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-10-10 01:22 . 2012-10-10 01:22 2899968 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 277024 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 01:22 . 2012-10-10 01:22 185376 ----a-w- c:\windows\system32\difx64.exe
2012-10-10 01:22 . 2012-10-10 01:22 173568 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-10-10 01:22 . 2012-10-10 01:22 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-10-10 01:22 . 2012-10-10 01:22 171040 ----a-w- c:\windows\system32\igfxtray.exe
2012-10-10 01:22 . 2012-10-10 01:22 11158528 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 56320 ----a-w- c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2012-10-10 01:22 . 2012-10-10 01:22 509984 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-10 01:22 . 2012-10-10 01:22 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-10-10 01:22 . 2012-10-10 01:22 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-10-10 01:22 . 2012-10-10 01:22 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-10-10 01:22 . 2012-10-10 01:22 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-10-10 01:22 . 2012-10-10 01:22 27643904 ----a-w- c:\windows\SysWow64\igdrcl32.dll
2012-10-10 01:22 . 2012-10-10 01:22 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-10-10 01:22 . 2012-05-16 05:26 56320 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-10-10 01:22 . 2012-10-10 01:22 8579584 ----a-w- c:\windows\SysWow64\ig7icd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 482304 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22 386048 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-10 01:22 . 2012-10-10 01:22 11595776 ----a-w- c:\windows\system32\ig7icd64.dll
2012-10-10 01:22 . 2012-10-10 01:22 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-10-10 01:22 . 2012-10-10 01:22 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-10-10 01:22 . 2012-10-10 01:22 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-10-10 01:22 . 2012-10-10 01:22 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-10-10 01:22 . 2012-10-10 01:22 252448 ----a-w- c:\windows\system32\igfxext.exe
2012-10-10 01:22 . 2012-05-16 05:26 11040256 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-10-10 01:22 . 2012-10-10 01:22 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-10-10 01:22 . 2012-10-10 01:22 755048 ----a-w- c:\windows\system32\igcodeckrng700.bin
2012-10-10 01:22 . 2012-10-10 01:22 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-10-10 01:22 . 2012-10-10 01:22 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-10-09 22:07 . 2012-10-09 22:07 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-10-09 11:52 . 2012-10-20 22:39 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-08 09:42 . 2012-10-08 09:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-08 09:42 . 2012-10-08 09:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-08 09:42 . 2012-10-08 09:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-08 09:42 . 2012-10-08 09:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-08 09:42 . 2012-10-08 09:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\programy\uTorrent\uTorrent.exe" [2012-12-10 969104]
"AdobeBridge"="" [BU]
"DAEMON Tools Lite"="d:\programy\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-04-28 36480]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-04-28 341120]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-04-28 111232]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2012-04-28 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-04-28 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2012-04-28 281472]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-11-15 313960]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2012-08-07 35112]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-07 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-10-07 39008]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-04-28 119424]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-17 198784]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
S2 MBAMService;MBAMService;d:\programy\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 US_ApacheS1;US_ApacheS1;d:\programy\UniServer\usr\local\apache2\bin\httpd1.exe [2012-08-18 22016]
S2 US_MySQLS1;US_MySQLS1;d:\programy\UniServer\usr\local\mysql\bin\mysqld1.exe [2012-09-29 8197120]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2011-03-25 81008]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-04-28 163456]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-10-07 30816]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-04-28 30848]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-28 31088]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-09 283200]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-01-15 208168]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2009-11-25 38992]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-07 12:01]
.
2012-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-07 12:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Slavca\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyServer = http=
LSP: d:\programy\WMware player\vsocklib.dll
TCP: DhcpNameServer = 46.253.96.67 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-757641336-1295543811-1564917729-1000\Software\SecuROM\License information*]
"datasecu"=hex:95,f7,ff,34,e4,21,2b,2d,5a,80,9d,65,d9,8f,7a,b6,57,60,de,af,22,
cf,2a,2a,3a,13,86,25,e8,c8,6b,5f,2f,86,a9,f6,34,be,62,33,04,42,64,1e,48,ae,\
"rkeysecu"=hex:e2,8a,5c,b8,a0,a1,60,0d,b8,51,ab,5c,7c,2f,cd,02
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
d:\programy\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\vmnat.exe
d:\programy\WMware player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
d:\programy\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2012-12-13 14:56:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-13 13:56
ComboFix2.txt 2012-12-12 13:42
.
Před spuštěním: Volných bajtů: 107 077 132 288
Po spuštění: Volných bajtů: 106 804 486 144
.
- - End Of File - - F7CD37108BE7FAD8F106D1E5677FE99B

Locked