r.o.s.t.a.c.k.a - log check.


#151 Post by Rudy »

This is OK. The PC should be fine.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.


#152 Post by r.o.s.t.a.c.k.a »

OK, thank you very much for the help :)


#153 Post by Rudy »

You're welcome!

#154 Post by r.o.s.t.a.c.k.a »

Hello, once again I would like to ask for a log check; the PC is starting to freeze up occasionally, so I want to know whether there is something in there. Thank you :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Junior at 2013-03-28 11:31:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 323 GB (68%) free of 477 GB
Total RAM: 2783 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:44, on 28.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\Explorer.exe
C:\Program Files\Raxco\PerfectSpeed20\Rx2AgentS1.exe
C:\Users\Junior\Downloads\RSIT.exe
C:\Program Files\trend micro\Junior.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 626d96f050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VIARaidUtl] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [PerfectSpeed.exe] C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe /tray /startrun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-3183601904-2497013897-3255697537-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3183601904-2497013897-3255697537-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~1\contin~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Rx2Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
O23 - Service: Rx2Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 8574 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ContinueToSaveUpdaterTask{CF366F34-A319-48CE-9CA2-2B25418DDF5D}.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Junior\AppData\Roaming\Mozilla\Firefox\Profiles\066qb0xl.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
quickstores@quickstores.de
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-01-15 139344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-23 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2012-05-14 231424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-22 1722976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-23 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"VIARaidUtl"=C:\Program Files\VIA\RAID\raid_tool.exe [2000-01-01 2375392]
"PerfectSpeed.exe"=C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe [2010-01-21 7365896]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-12-12 11734240]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-03-03 385248]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-02-13 1509232]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\progra~1\contin~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-23 204800]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-03-26 11:36:29 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-25 20:46:39 ----D---- C:\ProgramData\BlueStacksSetup
2013-03-25 16:01:46 ----A---- C:\Windows\PKZIP.PIF
2013-03-25 16:01:46 ----A---- C:\Windows\PKUNZIP.PIF
2013-03-23 20:31:31 ----D---- C:\Program Files\KMSnano Final
2013-03-23 20:20:41 ----D---- C:\Program Files\Common Files\DESIGNER
2013-03-23 20:19:31 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2013-03-23 20:18:54 ----D---- C:\Windows\PCHEALTH
2013-03-23 20:18:54 ----D---- C:\Program Files\Microsoft SQL Server
2013-03-23 20:16:21 ----D---- C:\Program Files\Microsoft Analysis Services
2013-03-23 20:14:10 ----D---- C:\ProgramData\AutoKMS
2013-03-23 19:03:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-03-23 19:02:51 ----A---- C:\Windows\system32\javaws.exe
2013-03-23 10:19:54 ----A---- C:\Windows\system32\wininet.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\wextract.exe
2013-03-23 10:19:54 ----A---- C:\Windows\system32\vbscript.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\urlmon.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-23 10:19:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-23 10:19:54 ----A---- C:\Windows\system32\msrating.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\msls31.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\inseng.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\iexpress.exe
2013-03-23 10:19:54 ----A---- C:\Windows\system32\iertutil.dll
2013-03-23 10:19:54 ----A---- C:\Windows\system32\elshyph.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-23 10:19:53 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\occache.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\mshtml.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\mshta.exe
2013-03-23 10:19:53 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-23 10:19:53 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\jscript9.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\jscript.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\imgutil.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-23 10:19:53 ----A---- C:\Windows\system32\ieui.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\iepeers.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\ieframe.dll
2013-03-23 10:19:53 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\webcheck.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\url.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\iesetup.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\iernonce.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-23 10:19:52 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-23 10:19:52 ----A---- C:\Windows\system32\icardie.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-23 10:19:52 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-22 12:41:49 ----A---- C:\data.txt
2013-03-17 18:48:18 ----A---- C:\Windows\KA.ini
2013-03-17 18:48:14 ----D---- C:\Program Files\Barbie(TM)
2013-03-08 19:49:33 ----D---- C:\Program Files\Mozilla Firefox
2013-03-03 17:04:39 ----D---- C:\Users\Junior\AppData\Roaming\Babylon
2013-03-03 17:04:39 ----D---- C:\ProgramData\Babylon
2013-03-03 17:04:25 ----D---- C:\Users\Junior\AppData\Roaming\Seznam.cz
2013-03-03 16:38:11 ----D---- C:\Users\Junior\AppData\Roaming\Avira
2013-03-03 16:32:19 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2013-03-03 16:32:12 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-03-03 16:32:12 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-03-03 16:32:12 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-03-03 16:31:21 ----D---- C:\ProgramData\Avira
2013-03-03 15:33:46 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2013-03-03 15:33:46 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadwhnt.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadwh.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadserd.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadmdm.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadmdfl.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadcmnt.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadcm.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadbus.sys
2013-03-03 15:33:28 ----A---- C:\Windows\system32\drivers\ssadadb.sys
2013-03-03 15:33:18 ----A---- C:\Windows\system32\drivers\sscdwhnt.sys
2013-03-03 15:33:18 ----A---- C:\Windows\system32\drivers\sscdwh.sys
2013-03-03 15:33:18 ----A---- C:\Windows\system32\drivers\sscdmdm.sys
2013-03-03 15:33:18 ----A---- C:\Windows\system32\drivers\sscdmdfl.sys
2013-03-03 15:33:18 ----A---- C:\Windows\system32\drivers\sscdcmnt.sys
2013-03-03 15:33:18 ----A---- C:\Windows\system32\drivers\sscdcm.sys
2013-03-03 15:33:18 ----A---- C:\Windows\system32\drivers\sscdbus.sys
2013-03-03 15:31:37 ----A---- C:\Windows\system32\Redemption.dll
2013-03-03 15:31:26 ----A---- C:\Windows\system32\dgderapi.dll

======List of files/folders modified in the last 1 month======

2013-03-28 11:32:04 ----D---- C:\Windows\Prefetch
2013-03-28 11:31:57 ----D---- C:\Windows\temp
2013-03-28 11:31:54 ----D---- C:\Program Files\trend micro
2013-03-28 11:31:51 ----A---- C:\Windows\wincmd.ini
2013-03-28 11:00:21 ----D---- C:\Windows\system32\config
2013-03-28 10:50:58 ----D---- C:\Windows\System32
2013-03-28 10:50:58 ----D---- C:\Windows\inf
2013-03-28 10:50:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-27 14:53:01 ----D---- C:\=== Opera Download ===
2013-03-27 14:34:05 ----D---- C:\Windows\Microsoft.NET
2013-03-27 14:23:37 ----SHD---- C:\Windows\Installer
2013-03-27 14:23:35 ----RSD---- C:\Windows\assembly
2013-03-27 14:23:28 ----HD---- C:\ProgramData
2013-03-27 14:23:28 ----D---- C:\Program Files
2013-03-27 09:00:52 ----D---- C:\Windows\winsxs
2013-03-27 08:58:35 ----D---- C:\Windows\system32\drivers
2013-03-27 08:58:34 ----D---- C:\Windows\system32\DriverStore
2013-03-25 16:48:06 ----D---- C:\Windows
2013-03-25 16:14:26 ----D---- C:\ProgramData\NVIDIA
2013-03-25 16:14:21 ----RD---- C:\Users
2013-03-25 16:14:19 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-25 16:13:00 ----D---- C:\Windows\system32\catroot
2013-03-25 16:07:30 ----D---- C:\Program Files\totalcmd
2013-03-25 15:19:15 ----SHD---- C:\System Volume Information
2013-03-25 14:01:04 ----D---- C:\Windows\system32\catroot2
2013-03-24 16:34:15 ----D---- C:\Windows\rescache
2013-03-23 21:13:53 ----D---- C:\ProgramData\Microsoft Help
2013-03-23 21:08:47 ----A---- C:\Windows\win.ini
2013-03-23 20:35:13 ----SD---- C:\Users\Junior\AppData\Roaming\Microsoft
2013-03-23 20:31:59 ----D---- C:\Windows\system32\Tasks
2013-03-23 20:21:16 ----RSD---- C:\Windows\Fonts
2013-03-23 20:20:56 ----D---- C:\Windows\ShellNew
2013-03-23 20:20:50 ----D---- C:\Program Files\Common Files\microsoft shared
2013-03-23 20:20:41 ----D---- C:\Program Files\Common Files
2013-03-23 20:19:56 ----D---- C:\Program Files\Microsoft.NET
2013-03-23 20:18:55 ----D---- C:\Program Files\Microsoft Office
2013-03-23 20:18:54 ----SD---- C:\ProgramData\Microsoft
2013-03-23 20:17:27 ----D---- C:\Program Files\Common Files\System
2013-03-23 20:01:33 ----D---- C:\Program Files\MSBuild
2013-03-23 19:03:00 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-03-23 19:03:00 ----A---- C:\Windows\system32\javaw.exe
2013-03-23 19:03:00 ----A---- C:\Windows\system32\java.exe
2013-03-23 19:03:00 ----A---- C:\Windows\system32\deployJava1.dll
2013-03-23 19:02:59 ----D---- C:\Program Files\Java
2013-03-23 16:36:20 ----D---- C:\Program Files\EA GAMES
2013-03-23 16:32:05 ----D---- C:\Users\Junior\AppData\Roaming\Samsung
2013-03-23 16:31:54 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-23 16:30:25 ----D---- C:\ProgramData\Electronic Arts
2013-03-23 16:30:25 ----D---- C:\Program Files\Electronic Arts
2013-03-23 16:29:25 ----D---- C:\Program Files\FreeTime
2013-03-23 16:26:49 ----D---- C:\Program Files\CDex
2013-03-23 16:12:38 ----D---- C:\Games
2013-03-23 16:11:56 ----D---- C:\=== R4 DS ===
2013-03-23 10:25:16 ----D---- C:\Windows\Panther
2013-03-23 10:23:20 ----D---- C:\Windows\system32\cs-CZ
2013-03-23 10:23:20 ----D---- C:\Program Files\Internet Explorer
2013-03-23 10:23:19 ----D---- C:\Windows\system32\migration
2013-03-23 10:23:19 ----D---- C:\Windows\system32\en-US
2013-03-23 10:23:19 ----D---- C:\Windows\PolicyDefinitions
2013-03-23 10:22:27 ----D---- C:\Windows\Logs
2013-03-22 10:05:51 ----D---- C:\Users\Junior\AppData\Roaming\uTorrent
2013-03-15 09:52:31 ----D---- C:\Windows\AppPatch
2013-03-15 09:52:25 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 10:43:42 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 10:42:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-11 15:13:00 ----D---- C:\Program Files\Common Files\Adobe
2013-03-09 08:29:55 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-03 15:31:13 ----D---- C:\ProgramData\Samsung
2013-03-03 15:31:06 ----D---- C:\Program Files\Samsung

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-19 721904]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-03-03 134336]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-03-03 36552]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-03-03 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-03-03 83944]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2009-08-21 73232]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-12-28 2570528]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-02 47360]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2000-01-01 43008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 185344]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2013-01-31 30312]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Junior\AppData\Local\Temp\catchme.sys []
S3 CFcatchme;CFcatchme; \??\C:\Users\Junior\AppData\Local\Temp\CFcatchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-01-31 83168]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-01-15 13224]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-01-15 25512]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2012-08-20 15576]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2012-08-20 10200]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-01-31 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-01-31 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-01-31 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2013-01-31 114280]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2013-01-31 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2013-01-31 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2013-01-31 132424]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-01-31 181344]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-01-01 12984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S3 ZD1211BU(TP-LINK);TL-WN322G Wireless USB Adapter Driver(TP-LINK); C:\Windows\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]
S3 ZDPSp60;ZDPSp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\ZDPSp60.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-03-03 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-03-03 86752]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-26 75136]
R2 Rx2Agent;Rx2Agent; C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe [2010-01-21 779528]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
R3 Rx2Engine;Rx2Engine; C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe [2010-01-21 947464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-14 253656]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]

-----------------EOF-----------------


Re: r.o.s.t.a.c.k.a - log check.

#155 Post by Rudy »

Greetings!
First run this utility:
Download AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Save it to the desktop
Close all programs
Click Search
A scan will run and then a log will appear; paste it here.

Re: r.o.s.t.a.c.k.a - log check.

#156 Post by r.o.s.t.a.c.k.a »

# AdwCleaner v2.109 - Logfile created 04/04/2013 at 21:12:07
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Junior - JUNIOR-PC
# Boot Mode : Normal
# Running from : C:\Users\Junior\Desktop\adwcleaner_2.110.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\Junior\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\Users\Junior\AppData\Roaming\Babylon
Folder Found : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\contin~1\sprote~1.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKU\S-1-5-21-3183601904-2497013897-3255697537-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3183601904-2497013897-3255697537-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-3183601904-2497013897-3255697537-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-3183601904-2497013897-3255697537-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v19.0.2 (cs)

File : C:\Users\Junior\AppData\Roaming\Mozilla\Firefox\Profiles\066qb0xl.default\prefs.js

Found : user_pref("aol_toolbar.default.homepage.check", false);
Found : user_pref("aol_toolbar.default.search.check", false);
Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119816&babsrc[...]
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Found : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Opera v12.14.1738.0

File : C:\Users\Junior\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5568 octets] - [04/04/2013 21:12:07]

########## EOF - C:\AdwCleaner[R1].txt - [5628 octets] ##########


Re: r.o.s.t.a.c.k.a - log check.

#157 Post by Rudy »

Run ADWCleaner again and click >Delete<. Paste the new log.

Re: r.o.s.t.a.c.k.a - log check.

#158 Post by r.o.s.t.a.c.k.a »

This is what came up after the deletion:

# AdwCleaner v2.109 - Logfile created 04/05/2013 at 19:29:45
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Junior - JUNIOR-PC
# Boot Mode : Normal
# Running from : C:\Users\Junior\Desktop\adwcleaner_2.110.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Premium
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\Junior\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Users\Junior\AppData\Roaming\Babylon
Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~1\contin~1\sprote~1.dll
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (cs)

File : C:\Users\Junior\AppData\Roaming\Mozilla\Firefox\Profiles\066qb0xl.default\prefs.js

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119816&babsrc[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Opera v12.14.1738.0

File : C:\Users\Junior\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5697 octets] - [04/04/2013 21:12:07]
AdwCleaner[S1].txt - [5172 octets] - [05/04/2013 19:29:45]

########## EOF - C:\AdwCleaner[S1].txt - [5232 octets] ##########


Re: r.o.s.t.a.c.k.a - log check.

#159 Post by r.o.s.t.a.c.k.a »

New log:

# AdwCleaner v2.109 - Logfile created 04/05/2013 at 19:33:46
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Junior - JUNIOR-PC
# Boot Mode : Normal
# Running from : C:\Users\Junior\Desktop\adwcleaner_2.110.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\Premium

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (cs)

File : C:\Users\Junior\AppData\Roaming\Mozilla\Firefox\Profiles\066qb0xl.default\prefs.js

[OK] File is clean.

-\\ Opera v12.14.1738.0

File : C:\Users\Junior\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5697 octets] - [04/04/2013 21:12:07]
AdwCleaner[R2].txt - [895 octets] - [05/04/2013 19:33:46]
AdwCleaner[S1].txt - [5301 octets] - [05/04/2013 19:29:45]

########## EOF - C:\AdwCleaner[R2].txt - [1014 octets] ##########


Re: r.o.s.t.a.c.k.a - log check.

#160 Post by r.o.s.t.a.c.k.a »

New RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Junior at 2013-04-05 19:36:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 320 GB (67%) free of 477 GB
Total RAM: 2783 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:37:54, on 5.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Raxco\PerfectSpeed20\Rx2AgentS1.exe
C:\Users\Junior\Downloads\RSIT.exe
C:\Program Files\trend micro\Junior.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 626d96f050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VIARaidUtl] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [PerfectSpeed.exe] C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe /tray /startrun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKUS\S-1-5-21-3183601904-2497013897-3255697537-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3183601904-2497013897-3255697537-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Rx2Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
O23 - Service: Rx2Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 8352 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ContinueToSaveUpdaterTask{CF366F34-A319-48CE-9CA2-2B25418DDF5D}.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Junior\AppData\Roaming\Mozilla\Firefox\Profiles\066qb0xl.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-01-15 139344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-23 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2012-05-14 231424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-22 1722976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-23 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"VIARaidUtl"=C:\Program Files\VIA\RAID\raid_tool.exe [2000-01-01 2375392]
"PerfectSpeed.exe"=C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe [2010-01-21 7365896]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-12-12 11734240]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-03-28 345312]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-02-13 1509232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-23 204800]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-04-05 19:33:46 ----A---- C:\AdwCleaner[R2].txt
2013-04-05 19:29:45 ----A---- C:\AdwCleaner[S1].txt
2013-04-04 21:12:07 ----A---- C:\AdwCleaner[R1].txt
2013-04-02 21:04:28 ----D---- C:\Users\Junior\AppData\Roaming\GHISLER
2013-03-26 12:36:29 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-25 21:46:39 ----D---- C:\ProgramData\BlueStacksSetup
2013-03-25 17:01:46 ----A---- C:\Windows\PKZIP.PIF
2013-03-25 17:01:46 ----A---- C:\Windows\PKUNZIP.PIF
2013-03-23 21:31:31 ----D---- C:\Program Files\KMSnano Final
2013-03-23 21:20:41 ----D---- C:\Program Files\Common Files\DESIGNER
2013-03-23 21:19:31 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2013-03-23 21:18:54 ----D---- C:\Windows\PCHEALTH
2013-03-23 21:18:54 ----D---- C:\Program Files\Microsoft SQL Server
2013-03-23 21:16:21 ----D---- C:\Program Files\Microsoft Analysis Services
2013-03-23 21:14:10 ----D---- C:\ProgramData\AutoKMS
2013-03-23 20:03:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-03-23 20:02:51 ----A---- C:\Windows\system32\javaws.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\wininet.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\wextract.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\vbscript.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\urlmon.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\msrating.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\msls31.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\inseng.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\iexpress.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\iertutil.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\elshyph.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-23 11:19:53 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\occache.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\mshtml.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\mshta.exe
2013-03-23 11:19:53 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-23 11:19:53 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\jscript9.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\jscript.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\imgutil.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-23 11:19:53 ----A---- C:\Windows\system32\ieui.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\iepeers.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\ieframe.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\webcheck.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\url.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\iesetup.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\iernonce.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-23 11:19:52 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-23 11:19:52 ----A---- C:\Windows\system32\icardie.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-22 13:41:49 ----A---- C:\data.txt
2013-03-17 19:48:18 ----A---- C:\Windows\KA.ini
2013-03-17 19:48:14 ----D---- C:\Program Files\Barbie(TM)
2013-03-08 20:49:33 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-04-05 19:37:07 ----D---- C:\Windows\Prefetch
2013-04-05 19:36:57 ----D---- C:\Windows\temp
2013-04-05 19:36:57 ----D---- C:\Program Files\trend micro
2013-04-05 19:35:40 ----D---- C:\Windows\System32
2013-04-05 19:35:40 ----D---- C:\Windows\inf
2013-04-05 19:35:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-05 19:31:47 ----D---- C:\Windows
2013-04-05 19:29:54 ----D---- C:\Program Files
2013-04-05 19:29:53 ----HD---- C:\ProgramData
2013-04-05 19:29:53 ----D---- C:\ProgramData\ICQ
2013-04-05 19:29:13 ----D---- C:\Windows\system32\config
2013-04-04 21:27:13 ----SHD---- C:\Windows\Installer
2013-04-04 21:23:06 ----D---- C:\Windows\system32\catroot
2013-04-04 11:16:48 ----D---- C:\=== Opera Download ===
2013-04-04 09:38:19 ----D---- C:\FFOutput
2013-04-02 21:08:44 ----D---- C:\Program Files\totalcmd
2013-04-02 21:04:25 ----A---- C:\Windows\wincmd.ini
2013-04-01 20:23:41 ----SHD---- C:\System Volume Information
2013-03-29 20:50:11 ----RSD---- C:\Windows\assembly
2013-03-29 20:49:54 ----D---- C:\Windows\Logs
2013-03-27 15:34:05 ----D---- C:\Windows\Microsoft.NET
2013-03-27 10:00:52 ----D---- C:\Windows\winsxs
2013-03-27 09:58:35 ----D---- C:\Windows\system32\drivers
2013-03-27 09:58:34 ----D---- C:\Windows\system32\DriverStore
2013-03-25 17:14:26 ----D---- C:\ProgramData\NVIDIA
2013-03-25 17:14:21 ----RD---- C:\Users
2013-03-25 17:14:19 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-25 15:01:04 ----D---- C:\Windows\system32\catroot2
2013-03-24 17:34:15 ----D---- C:\Windows\rescache
2013-03-23 22:13:53 ----D---- C:\ProgramData\Microsoft Help
2013-03-23 22:08:47 ----A---- C:\Windows\win.ini
2013-03-23 21:35:13 ----SD---- C:\Users\Junior\AppData\Roaming\Microsoft
2013-03-23 21:31:59 ----D---- C:\Windows\system32\Tasks
2013-03-23 21:21:16 ----RSD---- C:\Windows\Fonts
2013-03-23 21:20:56 ----D---- C:\Windows\ShellNew
2013-03-23 21:20:50 ----D---- C:\Program Files\Common Files\microsoft shared
2013-03-23 21:20:41 ----D---- C:\Program Files\Common Files
2013-03-23 21:19:56 ----D---- C:\Program Files\Microsoft.NET
2013-03-23 21:18:55 ----D---- C:\Program Files\Microsoft Office
2013-03-23 21:18:54 ----SD---- C:\ProgramData\Microsoft
2013-03-23 21:17:27 ----D---- C:\Program Files\Common Files\System
2013-03-23 21:01:33 ----D---- C:\Program Files\MSBuild
2013-03-23 20:03:00 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-03-23 20:03:00 ----A---- C:\Windows\system32\javaw.exe
2013-03-23 20:03:00 ----A---- C:\Windows\system32\java.exe
2013-03-23 20:03:00 ----A---- C:\Windows\system32\deployJava1.dll
2013-03-23 20:02:59 ----D---- C:\Program Files\Java
2013-03-23 17:36:20 ----D---- C:\Program Files\EA GAMES
2013-03-23 17:33:00 ----D---- C:\Users\Junior\AppData\Roaming\Seznam.cz
2013-03-23 17:32:05 ----D---- C:\Users\Junior\AppData\Roaming\Samsung
2013-03-23 17:31:54 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-23 17:30:25 ----D---- C:\ProgramData\Electronic Arts
2013-03-23 17:30:25 ----D---- C:\Program Files\Electronic Arts
2013-03-23 17:29:25 ----D---- C:\Program Files\FreeTime
2013-03-23 17:26:49 ----D---- C:\Program Files\CDex
2013-03-23 17:12:38 ----D---- C:\Games
2013-03-23 17:11:56 ----D---- C:\=== R4 DS ===
2013-03-23 11:25:16 ----D---- C:\Windows\Panther
2013-03-23 11:23:20 ----D---- C:\Windows\system32\cs-CZ
2013-03-23 11:23:20 ----D---- C:\Program Files\Internet Explorer
2013-03-23 11:23:19 ----D---- C:\Windows\system32\migration
2013-03-23 11:23:19 ----D---- C:\Windows\system32\en-US
2013-03-23 11:23:19 ----D---- C:\Windows\PolicyDefinitions
2013-03-22 11:05:51 ----D---- C:\Users\Junior\AppData\Roaming\uTorrent
2013-03-15 10:52:31 ----D---- C:\Windows\AppPatch
2013-03-15 10:52:25 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 11:43:42 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 11:42:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-11 16:13:00 ----D---- C:\Program Files\Common Files\Adobe
2013-03-09 09:29:55 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-19 721904]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-03-28 135136]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-03-28 37352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-03-03 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-03-28 84744]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2009-08-21 73232]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-12-28 2570528]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-02 47360]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2000-01-01 43008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 185344]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2013-01-31 30312]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Junior\AppData\Local\Temp\catchme.sys []
S3 CFcatchme;CFcatchme; \??\C:\Users\Junior\AppData\Local\Temp\CFcatchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-01-31 83168]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-01-15 13224]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-01-15 25512]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-27 25088]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2012-08-20 15576]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2012-08-20 10200]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-01-31 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-01-31 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-01-31 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2013-01-31 114280]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2013-01-31 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2013-01-31 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2013-01-31 132424]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-01-31 181344]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-01-01 12984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S3 ZD1211BU(TP-LINK);TL-WN322G Wireless USB Adapter Driver(TP-LINK); C:\Windows\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]
S3 ZDPSp60;ZDPSp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\ZDPSp60.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-03-28 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-03-28 86752]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-26 75136]
R2 Rx2Agent;Rx2Agent; C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe [2010-01-21 779528]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
R3 Rx2Engine;Rx2Engine; C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe [2010-01-21 947464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-14 253656]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119361
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: r.o.s.t.a.c.k.a - log check.

#161 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\AutoKMS

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

Re: r.o.s.t.a.c.k.a - log check.

#162 Post by r.o.s.t.a.c.k.a »

Done. After the restart this came up:

All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\ProgramData\AutoKMS\Resources\StartX folder moved successfully.
C:\ProgramData\AutoKMS\Resources\MSGBox folder moved successfully.
C:\ProgramData\AutoKMS\Resources\LicenseManagement folder moved successfully.
C:\ProgramData\AutoKMS\Resources\KMSKG folder moved successfully.
C:\ProgramData\AutoKMS\Resources folder moved successfully.
Folder move failed. C:\ProgramData\AutoKMS scheduled to be moved on reboot.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Junior
->Temp folder emptied: 1571018361 bytes
->Temporary Internet Files folder emptied: 53901429 bytes
->Java cache emptied: 1277039 bytes
->FireFox cache emptied: 363760792 bytes
->Opera cache emptied: 54036076 bytes
->Flash cache emptied: 17565 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 5 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 43919861 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 4687190 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 728 bytes
RecycleBin emptied: 580235 bytes

Total Files Cleaned = 1 996,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Junior
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04062013_104530

Files moved on Reboot...
C:\ProgramData\AutoKMS\Resources\StartX folder moved successfully.
C:\ProgramData\AutoKMS\Resources\MSGBox folder moved successfully.
C:\ProgramData\AutoKMS\Resources\LicenseManagement folder moved successfully.
C:\ProgramData\AutoKMS\Resources\KMSKG folder moved successfully.
C:\ProgramData\AutoKMS\Resources folder moved successfully.
Folder move failed. C:\ProgramData\AutoKMS scheduled to be moved on reboot.

Registry entries deleted on Reboot...


I'm now going to run that RSIT as well.

r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

Re: r.o.s.t.a.c.k.a - log check.

#163 Post by r.o.s.t.a.c.k.a »

New log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Junior at 2013-04-06 10:53:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 322 GB (67%) free of 477 GB
Total RAM: 2783 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:54:11, on 6.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Raxco\PerfectSpeed20\Rx2AgentS1.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Users\Junior\Desktop\RSIT.exe
C:\Program Files\trend micro\Junior.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 626d96f050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VIARaidUtl] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [PerfectSpeed.exe] C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe /tray /startrun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Rx2Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe
O23 - Service: Rx2Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 7980 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ContinueToSaveUpdaterTask{CF366F34-A319-48CE-9CA2-2B25418DDF5D}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Junior\AppData\Roaming\Mozilla\Firefox\Profiles\066qb0xl.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-01-15 139344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-23 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2012-05-14 231424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-22 1722976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-23 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"VIARaidUtl"=C:\Program Files\VIA\RAID\raid_tool.exe [2000-01-01 2375392]
"PerfectSpeed.exe"=C:\Program Files\Raxco\PerfectSpeed20\PerfectSpeed.exe [2010-01-21 7365896]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-12-12 11734240]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-03-28 345312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-02-13 1509232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-23 204800]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-04-06 10:45:30 ----D---- C:\_OTM
2013-04-05 19:33:46 ----A---- C:\AdwCleaner[R2].txt
2013-04-05 19:29:45 ----A---- C:\AdwCleaner[S1].txt
2013-04-04 21:12:07 ----A---- C:\AdwCleaner[R1].txt
2013-04-02 21:04:28 ----D---- C:\Users\Junior\AppData\Roaming\GHISLER
2013-03-26 12:36:29 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-25 21:46:39 ----D---- C:\ProgramData\BlueStacksSetup
2013-03-25 17:01:46 ----A---- C:\Windows\PKZIP.PIF
2013-03-25 17:01:46 ----A---- C:\Windows\PKUNZIP.PIF
2013-03-23 21:31:31 ----D---- C:\Program Files\KMSnano Final
2013-03-23 21:20:41 ----D---- C:\Program Files\Common Files\DESIGNER
2013-03-23 21:19:31 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2013-03-23 21:18:54 ----D---- C:\Windows\PCHEALTH
2013-03-23 21:18:54 ----D---- C:\Program Files\Microsoft SQL Server
2013-03-23 21:16:21 ----D---- C:\Program Files\Microsoft Analysis Services
2013-03-23 20:03:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-03-23 20:02:51 ----A---- C:\Windows\system32\javaws.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\wininet.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\wextract.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\vbscript.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\urlmon.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\msrating.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\msls31.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\inseng.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\iexpress.exe
2013-03-23 11:19:54 ----A---- C:\Windows\system32\iertutil.dll
2013-03-23 11:19:54 ----A---- C:\Windows\system32\elshyph.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-23 11:19:53 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\occache.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\mshtml.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\mshta.exe
2013-03-23 11:19:53 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-23 11:19:53 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\jscript9.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\jscript.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\imgutil.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-23 11:19:53 ----A---- C:\Windows\system32\ieui.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\iepeers.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\ieframe.dll
2013-03-23 11:19:53 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\webcheck.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\url.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\iesetup.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\iernonce.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-23 11:19:52 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-23 11:19:52 ----A---- C:\Windows\system32\icardie.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-23 11:19:52 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-22 13:41:49 ----A---- C:\data.txt
2013-03-17 19:48:18 ----A---- C:\Windows\KA.ini
2013-03-17 19:48:14 ----D---- C:\Program Files\Barbie(TM)
2013-03-08 20:49:33 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-04-06 10:53:18 ----D---- C:\Program Files\trend micro
2013-04-06 10:53:17 ----D---- C:\Windows\Prefetch
2013-04-06 10:53:14 ----D---- C:\Windows\temp
2013-04-06 10:51:31 ----HD---- C:\ProgramData
2013-04-06 10:49:42 ----D---- C:\Windows\system32\config
2013-04-06 10:49:21 ----D---- C:\Windows\System32
2013-04-06 10:45:31 ----D---- C:\Windows\Tasks
2013-04-06 08:24:58 ----D---- C:\Windows\inf
2013-04-06 08:24:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-05 19:31:47 ----D---- C:\Windows
2013-04-05 19:29:54 ----D---- C:\Program Files
2013-04-05 19:29:53 ----D---- C:\ProgramData\ICQ
2013-04-04 21:27:13 ----SHD---- C:\Windows\Installer
2013-04-04 21:23:06 ----D---- C:\Windows\system32\catroot
2013-04-04 11:16:48 ----D---- C:\=== Opera Download ===
2013-04-04 09:38:19 ----D---- C:\FFOutput
2013-04-02 21:08:44 ----D---- C:\Program Files\totalcmd
2013-04-02 21:04:25 ----A---- C:\Windows\wincmd.ini
2013-04-01 20:23:41 ----SHD---- C:\System Volume Information
2013-03-29 20:50:11 ----RSD---- C:\Windows\assembly
2013-03-29 20:49:54 ----D---- C:\Windows\Logs
2013-03-27 15:34:05 ----D---- C:\Windows\Microsoft.NET
2013-03-27 10:00:52 ----D---- C:\Windows\winsxs
2013-03-27 09:58:35 ----D---- C:\Windows\system32\drivers
2013-03-27 09:58:34 ----D---- C:\Windows\system32\DriverStore
2013-03-25 17:14:26 ----D---- C:\ProgramData\NVIDIA
2013-03-25 17:14:21 ----RD---- C:\Users
2013-03-25 17:14:19 ----D---- C:\Program Files\NVIDIA Corporation
2013-03-25 15:01:04 ----D---- C:\Windows\system32\catroot2
2013-03-24 17:34:15 ----D---- C:\Windows\rescache
2013-03-23 22:13:53 ----D---- C:\ProgramData\Microsoft Help
2013-03-23 22:08:47 ----A---- C:\Windows\win.ini
2013-03-23 21:35:13 ----SD---- C:\Users\Junior\AppData\Roaming\Microsoft
2013-03-23 21:31:59 ----D---- C:\Windows\system32\Tasks
2013-03-23 21:21:16 ----RSD---- C:\Windows\Fonts
2013-03-23 21:20:56 ----D---- C:\Windows\ShellNew
2013-03-23 21:20:50 ----D---- C:\Program Files\Common Files\microsoft shared
2013-03-23 21:20:41 ----D---- C:\Program Files\Common Files
2013-03-23 21:19:56 ----D---- C:\Program Files\Microsoft.NET
2013-03-23 21:18:55 ----D---- C:\Program Files\Microsoft Office
2013-03-23 21:18:54 ----SD---- C:\ProgramData\Microsoft
2013-03-23 21:17:27 ----D---- C:\Program Files\Common Files\System
2013-03-23 21:01:33 ----D---- C:\Program Files\MSBuild
2013-03-23 20:03:00 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-03-23 20:03:00 ----A---- C:\Windows\system32\javaw.exe
2013-03-23 20:03:00 ----A---- C:\Windows\system32\java.exe
2013-03-23 20:03:00 ----A---- C:\Windows\system32\deployJava1.dll
2013-03-23 20:02:59 ----D---- C:\Program Files\Java
2013-03-23 17:36:20 ----D---- C:\Program Files\EA GAMES
2013-03-23 17:33:00 ----D---- C:\Users\Junior\AppData\Roaming\Seznam.cz
2013-03-23 17:32:05 ----D---- C:\Users\Junior\AppData\Roaming\Samsung
2013-03-23 17:31:54 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-23 17:30:25 ----D---- C:\ProgramData\Electronic Arts
2013-03-23 17:30:25 ----D---- C:\Program Files\Electronic Arts
2013-03-23 17:29:25 ----D---- C:\Program Files\FreeTime
2013-03-23 17:26:49 ----D---- C:\Program Files\CDex
2013-03-23 17:12:38 ----D---- C:\Games
2013-03-23 17:11:56 ----D---- C:\=== R4 DS ===
2013-03-23 11:25:16 ----D---- C:\Windows\Panther
2013-03-23 11:23:20 ----D---- C:\Windows\system32\cs-CZ
2013-03-23 11:23:20 ----D---- C:\Program Files\Internet Explorer
2013-03-23 11:23:19 ----D---- C:\Windows\system32\migration
2013-03-23 11:23:19 ----D---- C:\Windows\system32\en-US
2013-03-23 11:23:19 ----D---- C:\Windows\PolicyDefinitions
2013-03-22 11:05:51 ----D---- C:\Users\Junior\AppData\Roaming\uTorrent
2013-03-15 10:52:31 ----D---- C:\Windows\AppPatch
2013-03-15 10:52:25 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 11:43:42 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 11:42:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-11 16:13:00 ----D---- C:\Program Files\Common Files\Adobe
2013-03-09 09:29:55 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-19 721904]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-03-28 135136]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-03-28 37352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-03-03 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-03-28 84744]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2009-08-21 73232]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-12-28 2570528]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-02 47360]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2000-01-01 43008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 185344]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2013-01-31 30312]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Junior\AppData\Local\Temp\catchme.sys []
S3 CFcatchme;CFcatchme; \??\C:\Users\Junior\AppData\Local\Temp\CFcatchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-01-31 83168]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-01-15 13224]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-01-15 25512]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-27 25088]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2012-08-20 15576]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2012-08-20 10200]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2013-01-31 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2013-01-31 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2013-01-31 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2013-01-31 114280]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2013-01-31 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2013-01-31 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2013-01-31 132424]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-01-31 181344]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-01-01 12984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S3 ZD1211BU(TP-LINK);TL-WN322G Wireless USB Adapter Driver(TP-LINK); C:\Windows\system32\DRIVERS\zd1211Bu.sys [2007-06-25 500736]
S3 ZDPSp60;ZDPSp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\ZDPSp60.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-03-28 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-03-28 86752]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-26 75136]
R2 Rx2Agent;Rx2Agent; C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe [2010-01-21 779528]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
R3 Rx2Engine;Rx2Engine; C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe [2010-01-21 947464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-14 253656]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-15 1343400]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119361
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: r.o.s.t.a.c.k.a - log check.

#164 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Junior.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 626d96f050
R3 - URLSearchHook: (no name) - - (no file)
O20 - AppInit_DLLs:
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

Re: r.o.s.t.a.c.k.a - log check.

#165 Post by r.o.s.t.a.c.k.a »

Done. Is that everything, or should I make another RSIT log just to be sure?

Locked