Prosba o kontrolu

[Pakl]

Po delší době prosím, podívejte se:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel at 2012-09-06 08:38:50
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 48 GB (46%) free of 103 GB
Total RAM: 5120 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:39:01, on 6.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Utility\HotkeyP\HotkeyP.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Pavel\AppData\Local\Facebook\Messenger\2.1.4623.0\FacebookMessenger.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\JetToolBar\JetTB.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe
C:\Utility\GmailNotifierPro\GmailNotifierPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\QTranslate\QTranslate.exe
C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/ig?hl=cs&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Pavel\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Users\Pavel\AppData\Roaming\LastPass\LPBar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Users\Pavel\AppData\Roaming\LastPass\LPBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HotkeyP] C:\Utility\HotkeyP\HotkeyP.exe 0
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = Pavel\AppData\Local\Facebook\Messenger\2.1.4623.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: LastPass - file://C:\Users\Pavel\AppData\Roaming\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Pavel\AppData\Roaming\LastPass\context.html?cmd=fillforms
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Users\Pavel\AppData\Roaming\LastPass\LPBar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Users\Pavel\AppData\Roaming\LastPass\LPBar.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D13E15D5-F232-404C-B972-594E6B4396D2}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Pavel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Windows7FirewallService - Sphinx Software - C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14459 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
"C:\Users\Pavel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe"
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Utility\HotkeyP\HotkeyP.exe" 0
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Users\Pavel\AppData\Local\Facebook\Messenger\2.1.4623.0\FacebookMessenger.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\JetToolBar\JetTB.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
"C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe" 132322*3b67389b-6500-4c2c-ab4a-16b35bf3b8f7*C:\Program Files (x86)\DisplayFusion\Hooks\DisplayFusionHookx86_74D086AC-251D-439B-8962-3F3C6C74EB18.dll
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Utility\GmailNotifierPro\GmailNotifierPro.exe" /minimized
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\QTranslate\QTranslate.exe"
"C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
"C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
{151B2A45-DEAE-4372-A0A0-C5C82A31A7DC}
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\totalcmd\TOTALCMD.EXE"
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_48/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="6572.0.144695009\1914255516" /prefetch:3
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_48/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6572.1.414895038\43248098" /prefetch:3
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_48/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6572.2.696094793\676230548" /prefetch:3
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_48/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="6572.3.1208485944\503995029" /prefetch:3
"C:\Users\Pavel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.11_0\nplastpass.dll" --lang=cs --channel="6572.4.1981719914\1087595308" /prefetch:4
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2874635146-696550908-3422958121-100016_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2874635146-696550908-3422958121-100016 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"E:\Stahy\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000UA.job
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\y9nt2i60.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/ig?hl=cs&source=iglk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin]
"Description"=SumatraPDF Browser Plugin
"Path"=C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npPDFXCviewNPPlugin.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\y9nt2i60.default\extensions\
support@lastpass.com
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}

C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\y9nt2i60.default\searchplugins\
{43E6CE7F-AF76-498F-AE5A-64759DEFEB8A}.xml
{61B420E6-64F3-4136-BCC5-E13327BED058}.xml
{A0F5DE81-3F87-4729-86A6-4A9784EE5F1C}.xml
{F051555C-EABD-44AA-BE1F-B7D61080A01C}.xml
{F18371CC-B4C3-46E7-B0FA-B9E30F9CE9BD}.xml
{FABF22AC-15B3-4ED0-A740-225BA5C49C8C}.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Pavel\AppData\Roaming\Complitly\64\Complitly64.dll [2011-10-16 167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-13 350984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Browser Helper Object - C:\Users\Pavel\AppData\Roaming\LastPass\LPBar64.dll [2012-05-08 11602976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-13 53512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-06-06 64928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Pavel\AppData\Roaming\Complitly\Complitly.dll [2011-10-16 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-05 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Browser Helper Object - C:\Users\Pavel\AppData\Roaming\LastPass\LPBar.dll [2012-05-08 7889952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-05 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Users\Pavel\AppData\Roaming\LastPass\LPBar64.dll [2012-05-08 11602976]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Users\Pavel\AppData\Roaming\LastPass\LPBar.dll [2012-05-08 7889952]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2012-08-15 1069568]
"Windows7FirewallControl"=C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [2012-04-12 1125376]
"Ocs_SM"=C:\Users\Pavel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [2011-04-01 106496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"HotkeyP"=C:\Utility\HotkeyP\HotkeyP.exe [2011-09-23 147456]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-08-03 1086376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-08 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2012-05-01 1895424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
C:\Windows\Installer\{AC76BA86-1029-0000-7760-000000000003}\_SC_Acrobat.exe [2011-02-15 295606]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
C:\PROGRA~2\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
Facebook Messenger.lnk - C:\Users\Pavel\AppData\Local\Facebook\Messenger\2.1.4623.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-09-06 08:38:50 ----D---- C:\rsit
2012-09-05 15:49:47 ----ASH---- C:\hiberfil.sys
2012-09-05 09:38:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-05 09:38:03 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-05 09:38:03 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-05 09:38:03 ----A---- C:\Windows\SYSWOW64\java.exe
2012-08-30 16:41:53 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys
2012-08-30 16:41:22 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2012-08-25 11:15:06 ----D---- C:\Program Files\Windows7FirewallControl
2012-08-22 11:27:58 ----D---- C:\Users\Pavel\AppData\Roaming\QTranslate
2012-08-22 11:27:57 ----D---- C:\Program Files (x86)\QTranslate
2012-08-17 13:52:54 ----D---- C:\Users\Pavel\AppData\Roaming\Opera
2012-08-17 13:24:24 ----D---- C:\ProgramData\r2 Studios
2012-08-17 13:24:04 ----D---- C:\Program Files\r2 Studios
2012-08-16 13:05:09 ----A---- C:\Windows\SYSWOW64\MSVBVM50.dll
2012-08-16 13:05:08 ----A---- C:\Windows\SYSWOW64\VB5StKit.dll
2012-08-16 13:05:08 ----A---- C:\Windows\ST5UNST.EXE
2012-08-15 10:00:28 ----A---- C:\Windows\system32\srcore.dll
2012-08-15 10:00:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-08-15 10:00:12 ----A---- C:\Windows\system32\win32spl.dll
2012-08-15 10:00:12 ----A---- C:\Windows\system32\spoolsv.exe
2012-08-15 10:00:11 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-08-15 10:00:11 ----A---- C:\Windows\splwow64.exe
2012-08-15 10:00:08 ----A---- C:\Windows\system32\jscript.dll
2012-08-15 10:00:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-08-15 10:00:07 ----A---- C:\Windows\system32\vbscript.dll
2012-08-15 10:00:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-08-15 09:59:56 ----A---- C:\Windows\system32\netapi32.dll
2012-08-15 09:59:56 ----A---- C:\Windows\system32\browser.dll
2012-08-15 09:59:56 ----A---- C:\Windows\system32\browcli.dll
2012-08-15 09:59:55 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-08-15 09:59:55 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-08-15 09:58:52 ----A---- C:\Windows\system32\win32k.sys
2012-08-15 09:58:45 ----A---- C:\Windows\system32\localspl.dll
2012-08-14 17:36:12 ----D---- C:\Program Files (x86)\Oracle
2012-08-14 17:36:04 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-08-14 15:16:32 ----D---- C:\Program Files (x86)\SugarSync
2012-08-14 08:10:57 ----D---- C:\Users\Pavel\AppData\Roaming\Dropbox
2012-08-13 19:13:09 ----D---- C:\Program Files (x86)\rajce
2012-08-13 11:04:22 ----A---- C:\Windows\system32\javaws.exe
2012-08-13 11:04:22 ----A---- C:\Windows\system32\javaw.exe
2012-08-13 11:04:22 ----A---- C:\Windows\system32\java.exe
2012-08-13 11:01:58 ----A---- C:\Windows\system32\npdeployJava1.dll
2012-08-13 10:54:12 ----D---- C:\Users\Pavel\AppData\Roaming\XnRetro
2012-08-13 08:04:40 ----D---- C:\ProgramData\ATI
2012-08-13 08:04:33 ----D---- C:\Program Files (x86)\AMD AVT
2012-08-13 08:04:27 ----D---- C:\Program Files (x86)\AMD APP
2012-08-12 22:18:55 ----A---- C:\Windows\SYSWOW64\ativvsvl.dat
2012-08-12 22:18:55 ----A---- C:\Windows\SYSWOW64\ativvsva.dat
2012-08-12 22:18:55 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2012-08-12 22:18:55 ----A---- C:\Windows\system32\coinst_8.98.dll
2012-08-12 22:18:55 ----A---- C:\Windows\system32\ativvsvl.dat
2012-08-12 22:18:55 ----A---- C:\Windows\system32\ativvsva.dat
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2012-08-12 22:18:54 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2012-08-12 22:18:54 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiumd6a.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiumd64.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiu9p64.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atitmm64.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atio6axx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atimuixx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atimpc64.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiicdxx.dat
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiglpxx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atig6txx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atig6pxx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiesrxx.exe
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiedu64.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atieclxx.exe
2012-08-12 22:18:54 ----A---- C:\Windows\system32\ATIDEMGX.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\aticalrt64.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\aticaldd64.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\aticalcl64.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiapfxx.exe
2012-08-12 22:18:54 ----A---- C:\Windows\system32\atiadlxx.dll
2012-08-12 22:18:54 ----A---- C:\Windows\system32\amdpcom64.dll

======List of files/folders modified in the last 1 month======

2012-09-06 08:38:57 ----D---- C:\Program Files\trend micro
2012-09-06 08:38:55 ----D---- C:\Windows\Temp
2012-09-06 08:38:42 ----D---- C:\Users\Pavel\AppData\Roaming\Skype
2012-09-06 08:38:41 ----D---- C:\Windows\inf
2012-09-06 08:38:37 ----D---- C:\Windows
2012-09-06 08:38:21 ----D---- C:\Users\Pavel\AppData\Roaming\DisplayFusion
2012-09-06 08:16:16 ----D---- C:\Windows\system32\config
2012-09-05 19:36:45 ----D---- C:\Users\Pavel\AppData\Roaming\KeePass
2012-09-05 16:27:36 ----D---- C:\Users\Pavel\AppData\Roaming\gtk-2.0
2012-09-05 14:49:44 ----D---- C:\ProgramData\firebird
2012-09-05 10:06:39 ----D---- C:\Windows\System32
2012-09-05 10:06:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-05 09:39:23 ----SHD---- C:\Windows\Installer
2012-09-05 09:38:53 ----D---- C:\Windows\SysWOW64
2012-09-05 09:37:45 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-09-05 09:37:41 ----D---- C:\Program Files (x86)\Java
2012-09-05 09:36:24 ----SHD---- C:\System Volume Information
2012-09-03 11:27:26 ----D---- C:\Program Files (x86)\BibleWorks 8
2012-09-02 08:31:23 ----D---- C:\Windows\SoftwareDistribution
2012-09-01 23:30:47 ----D---- C:\Windows\Prefetch
2012-08-31 13:39:12 ----D---- C:\Program Files (x86)\Hesla JB
2012-08-30 19:28:33 ----D---- C:\Program Files (x86)\DOSBox-0.74
2012-08-30 19:16:20 ----D---- C:\Utility
2012-08-30 18:01:47 ----D---- C:\Windows\system32\catroot
2012-08-30 16:41:53 ----DC---- C:\Windows\system32\DRVSTORE
2012-08-30 16:41:53 ----D---- C:\Windows\system32\drivers
2012-08-30 16:41:51 ----D---- C:\Windows\system32\DriverStore
2012-08-30 16:41:22 ----RD---- C:\Program Files (x86)
2012-08-30 16:35:02 ----D---- C:\Users\Pavel\AppData\Roaming\Gmail Notifier
2012-08-26 14:51:27 ----D---- C:\Program Files (x86)\XnView
2012-08-26 14:50:26 ----D---- C:\Users\Pavel\AppData\Roaming\XnView
2012-08-25 11:15:06 ----RD---- C:\Program Files
2012-08-25 10:51:38 ----D---- C:\Windows\system32\Tasks
2012-08-25 10:47:49 ----D---- C:\Windows\Minidump
2012-08-21 11:12:23 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-08-21 11:12:02 ----A---- C:\Windows\system32\aswBoot.exe
2012-08-19 16:20:35 ----D---- C:\Moje ikony
2012-08-19 15:55:14 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2012-08-18 17:32:48 ----D---- C:\Windows\Registration
2012-08-18 17:30:24 ----SD---- C:\ProgramData\Microsoft
2012-08-17 13:29:12 ----RSD---- C:\Windows\assembly
2012-08-17 13:24:24 ----HD---- C:\ProgramData
2012-08-17 08:07:54 ----D---- C:\Windows\winsxs
2012-08-17 08:02:59 ----D---- C:\Windows\system32\catroot2
2012-08-16 13:22:38 ----D---- C:\Program Files (x86)\FairStars CD Ripper
2012-08-16 13:01:58 ----D---- C:\Program Files (x86)\Games
2012-08-15 15:40:10 ----D---- C:\Windows\debug
2012-08-15 14:34:30 ----D---- C:\Program Files (x86)\OnLinePCXP
2012-08-15 13:15:14 ----RSD---- C:\Windows\Fonts
2012-08-15 13:14:35 ----D---- C:\ProgramData\Microsoft Help
2012-08-15 13:04:51 ----A---- C:\Windows\system32\MRT.exe
2012-08-15 11:24:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-14 17:36:38 ----D---- C:\Program Files (x86)\Common Files
2012-08-13 11:34:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-08-13 11:28:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-08-13 11:08:16 ----D---- C:\Program Files (x86)\LibreOffice 3.5
2012-08-13 11:08:12 ----D---- C:\Windows\ShellNew
2012-08-13 11:01:49 ----A---- C:\Windows\system32\deployJava1.dll
2012-08-13 10:43:25 ----D---- C:\Program Files (x86)\Glary Utilities
2012-08-13 10:43:20 ----D---- C:\Windows\Tasks
2012-08-13 10:43:13 ----D---- C:\Users\Pavel\AppData\Roaming\GlarySoft
2012-08-13 10:38:03 ----D---- C:\Program Files\CCleaner
2012-08-13 08:13:53 ----HD---- C:\Program Files (x86)\Temp
2012-08-13 08:04:35 ----D---- C:\ProgramData\AMD
2012-08-13 08:03:46 ----D---- C:\Program Files\ATI Technologies
2012-08-13 08:02:06 ----SHD---- C:\$RECYCLE.BIN
2012-08-13 00:17:57 ----D---- C:\Program Files (x86)\Aura

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2000-01-01 244328]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2011-02-15 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-02-15 513080]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2011-02-15 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2011-02-15 970336]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2011-02-15 279136]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4734440]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 V0530Dev;Creative Camera VF0530 Driver; C:\Windows\system32\DRIVERS\V0530Vid.sys [2009-12-15 319488]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2000-01-01 26440]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2000-01-01 43976]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2000-01-01 77512]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2000-01-01 16200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-12 140672]
R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-11-25 814344]
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 1079376]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-02-15 3975088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-11 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2011-04-22 5873840]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
R2 SearchAnonymizer;SearchAnonymizer; C:\Users\Pavel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2011-04-01 40960]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 Windows7FirewallService;Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [2012-04-12 760320]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-29 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-02-15 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-29 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Mc_Murphy]

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje.

[Mc_Murphy]

Pokud je tam najdeš, tak v nabídce Přidat nebo odebrat programy odinstaluj tyto toolbary:

• Adobe PDF Toolbar, LastPass Toolbar a JetToolBar.

Toolbary (lišty prohlížečů) jsou veliká "zdržovadla" systému a v případě například Ask.com Toolbar, Conduit Engine a dalších se dá hovořit už i o havěti.


Potom fixni v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
• Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: C:\Program Files\trend micro\PC.exe

Bude-li Avast křičet, že to chce otevřít v Sandboxu, nedovol to! Vyber možnost Otevřít normálně!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll


Dále stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
• http://oldtimer.geekstogo.com/OTM.com
• http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Bude-li Avast křičet, že to chce otevřít v Sandboxu, nedovol to! Vyber možnost Otevřít normálně!

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Services
!SASCORE
AdobeFlashPlayerUpdateSvc
gupdate
gupdatem
SASDIFSV
SASKUTIL

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000UA.job
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000UA.job
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk

:Reg
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}"=-
"{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=-
"{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}"=-
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartupDelayer"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

[Pakl]

Ty lišty v Programech nebyly, nic jsem s nimi neudělal. JetToolBar bych si stejně ponechal, užívám ji již řadu let a jsem na ni zvyklý. Jinak jsem udělal vše v HJT i OTM.
Log z OTM:

All processes killed
========== COMMANDS ==========

Restore point Set: OTM Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Pavel
->Temp folder emptied: 457269 bytes
->Temporary Internet Files folder emptied: 427156 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 50347500 bytes
->Google Chrome cache emptied: 12822414 bytes
->Flash cache emptied: 6820 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 3451 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1274554 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84027 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 62,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Pavel
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service !SASCORE stopped successfully!
Service !SASCORE deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service SASDIFSV stopped successfully!
Service SASDIFSV deleted successfully!
Service SASKUTIL stopped successfully!
Service SASKUTIL deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2425.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP739.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD29B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP219B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP26C1.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP377B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3E57.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP72E5.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP847A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP84E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA0D4.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB145.tmp folder moved successfully.
C:\Windows\Installer\MSI1A16.tmp- folder moved successfully.
C:\Windows\Installer\MSI6F80.tmp- folder moved successfully.
C:\Windows\Installer\MSIA61F.tmp moved successfully.
C:\Windows\Installer\MSIAF7B.tmp moved successfully.
C:\Windows\Installer\MSIBF1F.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\d53ae6e3fa06f133f79883140dddca7d\BITA045.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\dba8df073bc970167aa3784840f081fd\BIT49C2.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Temp\~DF504A378A5D5AD79B.TMP moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Temp\~DFC3AE2320CDA9EB2C.TMP moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000UA.job moved successfully.
C:\Windows\tasks\GlaryInitialize.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874635146-696550908-3422958121-1000UA.job moved successfully.
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk moved successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE7CD045-E861-484f-8273-0445EE161910}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartupDelayer not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 09062012_115034

Files moved on Reboot...
C:\Users\Pavel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
Díííííííík.

[Mc_Murphy]

Ty lišty v Programech nebyly, nic jsem s nimi neudělal. JetToolBar bych si stejně ponechal, užívám ji již řadu let a jsem na ni zvyklý.

OK, v pořádku. Nechtěné toolbary jsem pro jistotu odpálil už ve scriptu pro OTM a pokud JetToolBar používáš, není problém.

Jinak tedy OTM provedlo, co mělo, takže pokud nejsou žádné problémy, jen pročistíme a máme hotovo.


OTC http://oldtimer.geekstogo.com/OTC.exe

• Stáhni a spusť.
• Klikni na CleanUp a potvrď YES.
• Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

[Pakl]

Tak, vše uděláno, OK. Velký dík. CCleaner dělám pravidelně, kromě toho MBAM a SuperAntiSpyware. Ten poslední dobou nejen že nic nenachází, ale vypne se a nenechá po sobě žádný log. Je špatně nastaven nebo je to normální?
Provedu defragmentaci, restart a pak šup záloha - image disku.
Ještě jednou - dík.

[Mc_Murphy]

S CCleanerem správná volba.
MBAM a SAS také, jen si hlídej, aby se ani jeden z nich nespouštěl při startu systému a ani u jednoho z nich nezapínat rezidentní ochranu.
Ne, pokud jsi to nikde - třeba i omylem - nenastavil, tak to normální není. Zkus se podívat do nastavení programu a případně ho přeinstalovat. Vše musíš také udržovat aktualizované, ale to asi víš.

Jinak tedy není vůbec zač a rádo se stalo. Přeji pěkný den.