Requesting a check

martinleso
Visitor
Posts: 16
Registered: 10 Sep 2012 15:08

Requesting a check

#1 Post by martinleso »

Please check the log.

The notebook was without an antivirus for a long time, connected to the internet of course... A friend gave it to me because it was "lagging" for him. After installing Avira, it found some malware and viruses. But the notebook still lags, and now even the Wi-Fi doesn't work. Nothing can be done with it :( Thank you

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by doma at 15:01:13 on 2013-01-24
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1029.18.765.181 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\Windows\system32\srvany.exe
C:\Windows\KMService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Windows\system32\conhost.exe
C:\Program Files\PC Speed Maximizer\SPMSmartScan.exe
C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.0\ToolbarUpdater.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Protected Search\ProtectedSearch.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\WUDFHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://searchab.com/?aff=7&uid=55f88916-6587-11e2-80c9-00248145e0dd
uSearch Bar = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
uSearch Page = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mStart Page = hxxp://searchab.com/?aff=7&uid=55f88916-6587-11e2-80c9-00248145e0dd
mSearch Bar = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mSearch Page = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=33953&tid=2958&bs=true&q=
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=c8931605000000000000000000000000&tlver=1.4.19.19&affID=19404
uURLSearchHooks: SFT_eng7 Toolbar: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - c:\program files\sft_eng7\prxtbSFT0.dll
mURLSearchHooks: SFT_eng7 Toolbar: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - c:\program files\sft_eng7\prxtbSFT0.dll
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: SFT_eng7 Toolbar: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - c:\program files\sft_eng7\prxtbSFT0.dll
BHO: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} - c:\users\doma\appdata\roaming\certifiedtoolbar\CertifiedToolbar.dll
BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} -
BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: DealPly: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files\dealply\DealPlyIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - c:\program files\delta\delta\1.8.8.8\bh\delta.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: SFT_eng7 Toolbar: {08D6B0B4-C132-470D-A8E2-AA2E9C3851C9} - c:\program files\sft_eng7\prxtbSFT0.dll
TB: SFT_eng7 Toolbar: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - c:\program files\sft_eng7\prxtbSFT0.dll
TB: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
TB: Certified Toolbar: {0de094f5-e894-48c7-b16f-338d64674721} - c:\users\doma\appdata\roaming\certifiedtoolbar\CertifiedToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - c:\program files\delta\delta\1.8.8.8\deltaTlbr.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [Google Update] "c:\users\doma\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
uRun: [PC Speed Maximizer] c:\program files\pc speed maximizer\SPMLauncher.exe
uRun: [Smart Driver Updater] c:\program files\smart driver updater\SDULauncher.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [PrivitizeVPN] c:\program files\privitizevpn\PrivitizeVPN.exe /autorun
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {a9ff5a45-b433-4940-9299-de737a9c11f6} - {0de094f5-e894-48c7-b16f-338d64674721}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{55ED05D1-97D8-4977-83FB-4CBF5B24C3B2}\2656C6B696E6E233833616 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{55ED05D1-97D8-4977-83FB-4CBF5B24C3B2}\D4C4C4C4 : DHCPNameServer = 10.54.0.1 8.8.8.8
TCP: Interfaces\{6ADF80B0-0BFC-412A-A92B-9732A8B9FD46} : NameServer = 213.151.200.31 213.151.208.162
TCP: Interfaces\{80375C5F-02ED-49DE-8423-76FC0CBBEB83} : NameServer = 213.151.200.31 213.151.208.162
TCP: Interfaces\{EDE079EC-AE80-4701-B1A8-A55AA0B1A39D} : NameServer = 213.151.200.31 213.151.208.162
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.3.0\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~2\browse~2\261095~1.52\{c16c1~1\browse~1.dll c:\progra~1\zoomex\sprote~1.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 genuine.microsoft.com
Hosts: 127.0.0.1 mpa.one.microsoft.com
Hosts: 127.0.0.1 sls.microsoft.com
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\doma\appdata\roaming\mozilla\firefox\profiles\e1e7zuul.default\
FF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=55f88916-6587-11e2-80c9-00248145e0dd&q=
FF - prefs.js: browser.startup.homepage - hxxp://searchab.com/?aff=7&uid=55f88916-6587-11e2-80c9-00248145e0dd
FF - prefs.js: browser.search.selectedEngine - Privitize VPN);
FF - prefs.js: browser.startup.homepage - hxxp://searchab.com/?aff=7&uid=55f88916-6587-11e2-80c9-00248145e0dd
FF - prefs.js: browser.search.selectedEngine - Privitize VPN
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.3.0\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\npjpi170_11.dll
FF - plugin: c:\program files\java\jre7\bin\npoji610.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\users\doma\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - cfe308f9-8172-472e-81e0-4ffcaacde0b8
FF - user.js: extentions.y2layers.defaultEnableAppsList - TwitTube,toprelatedtopics,dropdowndeals,ezlooker,bestvideodownloader,contenko
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=c8931605000000000000002100b6db25&q=
FF - user.js: extensions.BabylonToolbar.id - c8931605000000000000002100b6db25
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15678
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.916:26:54
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112555&tt=4912_4
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - c8931605000000000000002100b6db25
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15727
FF - user.js: extensions.delta.vrsn - 1.8.8.8
FF - user.js: extensions.delta.vrsni - 1.8.8.8
FF - user.js: extensions.delta_i.vrsnTs - 1.8.8.820:39:06
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta_i.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta_i.excTlbr - false
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta_i.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-12-4 26984]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-1-16 36552]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-1-16 83944]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-9-20 73984]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-9-20 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2012-9-20 11136]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2012-9-20 89856]
S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [2012-9-20 26624]
S3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\drivers\ew_juwwanecm.sys [2012-9-20 190976]
.
=============== File Associations ===============
.
FileExt: .txt: opendocument.WriterDocument.1 - HKCR\Unknown\Shell=c:\windows\system32\rundll32.exe c:\windows\system32\shell32.dll,OpenAs_RunDLL %1 [UserChoice] [default=openas]
.
=============== Created Last 30 ================
.
2013-01-23 20:06:29 -------- d-sh--w- c:\windows\system32\%APPDATA%
2013-01-23 18:12:18 -------- d-----w- c:\program files\PrivitizeVPN
2013-01-23 18:12:07 -------- d-----w- c:\programdata\CLSoft LTD
2013-01-23 18:11:52 -------- d-----w- c:\program files\ZoomEx
2013-01-23 18:10:54 -------- d-----w- c:\programdata\InstallMate
2013-01-22 19:39:41 -------- d-----w- c:\programdata\BrowserProtect
2013-01-22 19:39:41 -------- d-----w- c:\program files\DealPly
2013-01-22 19:39:22 -------- d-----w- c:\users\doma\appdata\roaming\Smart Driver Updater
2013-01-22 19:39:21 -------- d-----w- c:\program files\Smart Driver Updater
2013-01-22 19:39:16 -------- d-----w- c:\users\doma\appdata\roaming\CRDeltaTB
2013-01-22 19:39:05 -------- d-----w- c:\program files\Delta
2013-01-22 19:38:59 -------- d-----w- c:\users\doma\appdata\roaming\Delta
2013-01-22 19:38:13 -------- d-----w- c:\users\doma\appdata\roaming\PC Speed Maximizer
2013-01-22 19:37:49 -------- d-----w- c:\program files\PC Speed Maximizer
2013-01-22 19:37:18 -------- d-----w- c:\programdata\Babylon
2013-01-22 19:37:16 -------- d-----w- c:\users\doma\appdata\roaming\Babylon
2013-01-22 19:33:14 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-22 18:38:11 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2013-01-22 18:36:44 -------- d-----w- c:\users\doma\appdata\local\Apple
2013-01-22 18:34:55 -------- d-----w- c:\program files\Bonjour
2013-01-20 21:55:51 768512 ----a-w- c:\windows\system32\localspl.dll
2013-01-19 20:48:12 139264 ----a-w- c:\windows\system32\cryptsvc.dll
2013-01-19 20:48:12 1157632 ----a-w- c:\windows\system32\crypt32.dll
2013-01-19 20:48:12 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-01-19 20:46:08 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-01-19 20:44:27 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll
2013-01-19 20:43:32 1388544 ----a-w- c:\windows\system32\msxml6.dll
2013-01-19 20:42:19 627712 ----a-w- c:\windows\system32\usp10.dll
2013-01-19 20:42:13 316928 ----a-w- c:\windows\system32\spoolsv.exe
2013-01-19 20:40:33 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2013-01-19 20:40:32 1686016 ----a-w- c:\windows\system32\esent.dll
2013-01-19 20:40:32 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2013-01-19 20:40:30 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2013-01-19 20:40:30 146304 ----a-w- c:\windows\system32\drivers\storport.sys
2013-01-19 20:40:29 74240 ----a-w- c:\windows\system32\fsutil.exe
2013-01-19 20:40:29 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2013-01-19 20:40:29 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2013-01-19 20:40:05 417792 ----a-w- c:\windows\system32\msdri.dll
2013-01-19 20:39:42 478208 ----a-w- c:\windows\system32\timedate.cpl
2013-01-19 20:36:28 1328640 ----a-w- c:\windows\system32\quartz.dll
2013-01-19 20:36:27 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-01-19 20:36:21 541184 ----a-w- c:\windows\system32\kerberos.dll
2013-01-19 20:36:16 2342400 ----a-w- c:\windows\system32\msi.dll
2013-01-19 20:36:10 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-19 20:34:57 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2013-01-19 20:34:56 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2013-01-19 20:34:56 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2013-01-19 20:32:21 690688 ----a-w- c:\windows\system32\msvcrt.dll
2013-01-19 20:32:11 163328 ----a-w- c:\windows\system32\profsvc.dll
2013-01-19 20:32:05 78336 ----a-w- c:\windows\system32\synceng.dll
2013-01-19 20:31:57 204288 ----a-w- c:\windows\system32\upnp.dll
2013-01-19 20:31:49 204800 ----a-w- c:\windows\system32\WebClnt.dll
2013-01-19 20:31:48 80384 ----a-w- c:\windows\system32\davclnt.dll
2013-01-19 20:31:48 51200 ----a-w- c:\windows\system32\wscapi.dll
2013-01-19 20:31:48 350720 ----a-w- c:\windows\system32\winhttp.dll
2013-01-19 20:31:47 73728 ----a-w- c:\windows\system32\wscsvc.dll
2013-01-19 20:31:47 14336 ----a-w- c:\windows\system32\slwga.dll
2013-01-19 20:31:30 442880 ----a-w- c:\windows\system32\ntshrui.dll
2013-01-19 20:31:13 802304 ----a-w- c:\windows\system32\FntCache.dll
2013-01-19 08:25:35 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-01-19 08:25:35 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-01-19 08:11:31 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-01-19 08:11:31 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-01-19 08:11:31 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-01-19 08:08:10 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-01-19 08:08:10 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-01-19 08:08:07 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-01-19 08:08:07 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-01-19 08:08:02 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-01-19 08:08:01 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-01-19 08:08:00 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-01-19 08:06:20 5120 ----a-w- c:\windows\system32\wmi.dll
2013-01-19 08:06:20 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-01-19 08:06:19 158720 ----a-w- c:\windows\system32\imagehlp.dll
2013-01-19 07:58:44 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-01-19 07:58:43 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2013-01-19 07:58:37 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2013-01-19 07:58:35 3181568 ----a-w- c:\windows\system32\mf.dll
2013-01-19 07:58:34 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2013-01-19 07:49:02 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2013-01-19 07:49:02 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-01-19 07:43:13 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2013-01-18 20:34:06 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-18 20:34:04 3902832 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-18 19:47:18 2344960 ----a-w- c:\windows\system32\win32k.sys
2013-01-18 19:35:05 2614784 ----a-w- c:\windows\explorer.exe
2013-01-18 17:58:31 1210736 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-01-18 17:57:00 400896 ----a-w- c:\windows\system32\srcore.dll
2013-01-18 17:50:58 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2013-01-18 17:50:58 369152 ----a-w- c:\windows\system32\secproc.dll
2013-01-18 17:50:58 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2013-01-18 17:50:58 320512 ----a-w- c:\windows\system32\RMActivate.exe
2013-01-18 17:50:58 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2013-01-18 17:50:57 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2013-01-18 17:50:57 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2013-01-18 17:50:57 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2013-01-18 17:50:40 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-01-18 17:50:17 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-01-18 17:49:59 376832 ----a-w- c:\windows\system32\dpnet.dll
2013-01-18 17:49:55 31232 ----a-w- c:\windows\system32\prevhost.exe
2013-01-18 17:48:40 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-18 17:45:23 219136 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-18 17:44:20 739840 ----a-w- c:\windows\system32\d2d1.dll
2013-01-18 17:44:20 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-18 17:44:18 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-18 17:44:18 1074176 ----a-w- c:\windows\system32\DWrite.dll
2013-01-18 17:44:17 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-18 17:44:10 245616 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-01-18 17:41:51 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2013-01-18 17:09:46 -------- d-----w- c:\program files\bitComposer Games
2013-01-18 13:16:24 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-18 13:14:18 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-01-18 13:14:17 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-01-18 13:14:17 107520 ----a-w- c:\windows\system32\cdd.dll
2013-01-18 13:07:31 826368 ----a-w- c:\windows\system32\rdpcore.dll
2013-01-18 13:07:30 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-01-18 12:21:33 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-01-18 12:21:06 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-01-18 12:20:38 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-01-18 12:20:38 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-01-16 14:00:21 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-01-16 13:59:39 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-01-16 13:59:21 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-01-16 13:56:53 -------- d-----w- c:\users\doma\appdata\local\Programs
2013-01-16 13:38:25 -------- d-----w- c:\windows\system32\appmgmt
2013-01-16 13:29:17 859552 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-16 13:28:36 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-16 13:15:27 -------- d-----w- c:\program files\Sony
2013-01-16 09:50:46 -------- d-----w- c:\program files\CCleaner
2013-01-16 09:28:45 -------- d-----w- c:\users\doma\appdata\roaming\Avira
2013-01-16 09:22:21 36552 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-01-16 09:22:20 83944 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-01-16 09:22:17 -------- d-----w- c:\programdata\Avira
2013-01-16 09:22:17 -------- d-----w- c:\program files\Avira
2013-01-07 12:55:22 -------- d-----w- c:\program files\Data Design Interactive
.
==================== Find3M ====================
.
2013-01-19 08:03:01 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-01-19 08:03:01 161792 ----a-w- c:\windows\system32\msls31.dll
2013-01-19 08:03:00 86528 ----a-w- c:\windows\system32\iesysprep.dll
2013-01-19 08:03:00 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-01-19 08:03:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-01-19 08:03:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-19 08:03:00 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-01-16 13:28:15 780192 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-07 05:04:20 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 04:57:38 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-04 15:02:56 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-11-30 05:06:15 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:00:06 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 03:07:41 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:51:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:51:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:51:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:51:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-25 11:54:06 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2012-11-25 11:54:06 110592 ----a-w- c:\windows\system32\OpenAL32.dll
.
============= FINISH: 15:03:26,82 ===============

martinleso
Visitor
Posts: 16
Registered: 10 Sep 2012 15:08

Re: Requesting a check

#2 Post by martinleso »

Once again, I ask you for help. I don't know what to do with this. Thank you

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#3 Post by Márty84 »

Hello :)

:???: Before we look into it, I want to ask: what is the situation with the legality of the system? Ultimate is not exactly a common home edition :?:

:arrow: Post a log from RSIT here: http://forum.viry.cz/viewtopic.php?f=13&t=105895

martinleso
Visitor
Posts: 16
Registered: 10 Sep 2012 15:08

Re: Requesting a check

#4 Post by martinleso »

It is an unpurchased copy of Windows.



Logfile of random's system information tool 1.09 (written by random/random)
Run by doma at 2013-01-24 21:35:42
Microsoft Windows 7 Ultimate
System drive C: has 17 GB (12%) free of 142 GB
Total RAM: 765 MB (48% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3642746990-1641391469-3704821272-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3642746990-1641391469-3704821272-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\e1e7zuul.default

prefs.js - "extensions.enabledItems" - "ffxtlbr@delta.com:1.5.0, {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"
prefs.js - "keyword.URL" - "http://searchab.com/?aff=7&uid=55f88916 ... 145e0dd&q="
prefs.js - "browser.startup.homepage" - "http://searchab.com/?aff=7&uid=55f88916 ... 248145e0dd"
prefs.js - "browser.startup.homepage" - "http://searchab.com/?aff=7&uid=55f88916 ... 248145e0dd"

"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\13.3.0.8


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.3.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
flashplayer.xpt
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npnul32.dll
nppdf32.dll
NPSWF32.dll
ShockwavePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
Web Search.xml
wikipedia-cz.xml

C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\e1e7zuul.default\extensions\
ffxtlbr@babylon.com
ffxtlbr@delta.com
{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}

C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\e1e7zuul.default\searchplugins\
babylon1.xml
conduit.xml
delta.xml
mngr.xml
Searchab.xml
Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}]
SFT_eng7 Toolbar - C:\Program Files\SFT_eng7\prxtbSFT0.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0de094f5-e894-48c7-b16f-338d64674721}]
Certified Toolbar - C:\Users\doma\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll [2012-11-28 1031752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\doma\AppData\Roaming\Complitly\Complitly.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-16 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}]
DealPly - C:\Program Files\DealPly\DealPlyIE.dll [2012-12-26 99536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-15 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-15 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
delta Helper Object - C:\Program Files\Delta\delta\1.8.8.8\bh\delta.dll [2013-01-03 247856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-16 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0F4A166-B8D4-48b8-9D63-80849FE137CB}
{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - SFT_eng7 Toolbar - C:\Program Files\SFT_eng7\prxtbSFT0.dll [2011-03-28 176936]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]
{0de094f5-e894-48c7-b16f-338d64674721} - Certified Toolbar - C:\Users\doma\AppData\Roaming\CertifiedToolbar\CertifiedToolbar.dll [2012-11-28 1031752]
{95B7759C-8C7F-4BF1-B163-73684A933233}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-15 192144]
{82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files\Delta\delta\1.8.8.8\deltaTlbr.dll [2013-01-03 322096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-12-04 1046984]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-12-04 384800]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"PrivitizeVPN"=C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe [2013-01-23 196784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-24 39408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe []
"Google Update"=C:\Users\doma\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
"Spybot-S&D Cleaning"=C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"PC Speed Maximizer"=C:\Program Files\PC Speed Maximizer\SPMLauncher.exe [2012-03-01 80016]
"Smart Driver Updater"=C:\Program Files\Smart Driver Updater\SDULauncher.exe [2012-09-20 338576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\browse~2\261095~1.52\{c16c1~1\browse~1.dll c:\progra~1\zoomex\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-24 21:35:48 ----D---- C:\Program Files\trend micro
2013-01-24 21:35:42 ----D---- C:\rsit
2013-01-23 21:06:29 ----SHD---- C:\Windows\system32\%APPDATA%
2013-01-23 19:12:18 ----D---- C:\Program Files\PrivitizeVPN
2013-01-23 19:12:07 ----D---- C:\ProgramData\CLSoft LTD
2013-01-23 19:11:52 ----D---- C:\Program Files\ZoomEx
2013-01-23 19:10:54 ----D---- C:\ProgramData\InstallMate
2013-01-23 08:40:19 ----D---- C:\Program Files\Microsoft.NET
2013-01-22 20:39:41 ----D---- C:\ProgramData\BrowserProtect
2013-01-22 20:39:41 ----D---- C:\Program Files\DealPly
2013-01-22 20:39:22 ----D---- C:\Users\doma\AppData\Roaming\Smart Driver Updater
2013-01-22 20:39:21 ----D---- C:\Program Files\Smart Driver Updater
2013-01-22 20:39:16 ----D---- C:\Users\doma\AppData\Roaming\CRDeltaTB
2013-01-22 20:39:05 ----D---- C:\Program Files\Delta
2013-01-22 20:38:59 ----D---- C:\Users\doma\AppData\Roaming\Delta
2013-01-22 20:38:13 ----D---- C:\Users\doma\AppData\Roaming\PC Speed Maximizer
2013-01-22 20:38:08 ----D---- C:\ProgramData\TEMP
2013-01-22 20:37:49 ----D---- C:\Program Files\PC Speed Maximizer
2013-01-22 20:37:18 ----D---- C:\ProgramData\Babylon
2013-01-22 20:37:16 ----D---- C:\Users\doma\AppData\Roaming\Babylon
2013-01-22 20:33:14 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-22 19:39:20 ----DC---- C:\Windows\system32\DRVSTORE
2013-01-22 19:38:11 ----D---- C:\ProgramData\Apple Computer
2013-01-22 19:38:11 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2013-01-22 19:36:34 ----D---- C:\Program Files\Apple Software Update
2013-01-22 19:35:23 ----D---- C:\Program Files\Common Files\Apple
2013-01-22 19:34:55 ----D---- C:\ProgramData\Apple
2013-01-22 19:34:55 ----D---- C:\Program Files\Bonjour
2013-01-20 22:55:51 ----A---- C:\Windows\system32\localspl.dll
2013-01-19 21:48:12 ----A---- C:\Windows\system32\cryptsvc.dll
2013-01-19 21:48:12 ----A---- C:\Windows\system32\cryptnet.dll
2013-01-19 21:48:12 ----A---- C:\Windows\system32\crypt32.dll
2013-01-19 21:47:50 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-01-19 21:47:50 ----A---- C:\Windows\system32\drivers\cng.sys
2013-01-19 21:47:49 ----A---- C:\Windows\system32\schannel.dll
2013-01-19 21:47:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-01-19 21:47:35 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-19 21:47:35 ----A---- C:\Windows\system32\kernel32.dll
2013-01-19 21:47:34 ----A---- C:\Windows\system32\winsrv.dll
2013-01-19 21:47:34 ----A---- C:\Windows\system32\conhost.exe
2013-01-19 21:47:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-19 21:47:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-19 21:47:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-19 21:47:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-19 21:47:30 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-19 21:47:30 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-19 21:47:30 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-19 21:47:30 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-19 21:47:30 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-19 21:47:30 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-19 21:47:30 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-19 21:47:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-19 21:47:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-19 21:46:08 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-01-19 21:43:32 ----A---- C:\Windows\system32\msxml6.dll
2013-01-19 21:42:19 ----A---- C:\Windows\system32\usp10.dll
2013-01-19 21:42:13 ----A---- C:\Windows\system32\spoolsv.exe
2013-01-19 21:41:51 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-01-19 21:41:39 ----A---- C:\Windows\system32\msxml3.dll
2013-01-19 21:41:17 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-01-19 21:41:17 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-01-19 21:41:17 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-01-19 21:41:17 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-01-19 21:41:16 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-01-19 21:41:16 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-01-19 21:41:16 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-01-19 21:40:33 ----A---- C:\Windows\system32\drivers\nvstor.sys
2013-01-19 21:40:32 ----A---- C:\Windows\system32\esent.dll
2013-01-19 21:40:32 ----A---- C:\Windows\system32\drivers\nvraid.sys
2013-01-19 21:40:30 ----A---- C:\Windows\system32\drivers\storport.sys
2013-01-19 21:40:30 ----A---- C:\Windows\system32\drivers\amdsata.sys
2013-01-19 21:40:29 ----A---- C:\Windows\system32\fsutil.exe
2013-01-19 21:40:29 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-01-19 21:40:29 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2013-01-19 21:40:29 ----A---- C:\Windows\system32\drivers\amdxata.sys
2013-01-19 21:40:05 ----A---- C:\Windows\system32\msdri.dll
2013-01-19 21:38:44 ----A---- C:\Windows\system32\tquery.dll
2013-01-19 21:38:44 ----A---- C:\Windows\system32\mssrch.dll
2013-01-19 21:38:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-01-19 21:38:42 ----A---- C:\Windows\system32\mssvp.dll
2013-01-19 21:38:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-01-19 21:38:41 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-01-19 21:38:41 ----A---- C:\Windows\system32\mssphtb.dll
2013-01-19 21:38:41 ----A---- C:\Windows\system32\mssph.dll
2013-01-19 21:38:41 ----A---- C:\Windows\system32\msscntrs.dll
2013-01-19 21:38:19 ----A---- C:\Windows\system32\netapi32.dll
2013-01-19 21:38:19 ----A---- C:\Windows\system32\browser.dll
2013-01-19 21:38:19 ----A---- C:\Windows\system32\browcli.dll
2013-01-19 21:38:10 ----A---- C:\Windows\system32\XpsPrint.dll
2013-01-19 21:38:01 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-01-19 21:36:28 ----A---- C:\Windows\system32\quartz.dll
2013-01-19 21:36:27 ----A---- C:\Windows\system32\qdvd.dll
2013-01-19 21:36:21 ----A---- C:\Windows\system32\kerberos.dll
2013-01-19 21:36:16 ----A---- C:\Windows\system32\msi.dll
2013-01-19 21:36:10 ----A---- C:\Windows\system32\d3d10level9.dll
2013-01-19 21:35:50 ----A---- C:\Windows\system32\Wpc.dll
2013-01-19 21:35:49 ----A---- C:\Windows\system32\gameux.dll
2013-01-19 21:35:02 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-01-19 21:34:57 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-01-19 21:34:56 ----A---- C:\Windows\system32\rdpwsx.dll
2013-01-19 21:34:56 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-01-19 21:32:21 ----A---- C:\Windows\system32\msvcrt.dll
2013-01-19 21:32:11 ----A---- C:\Windows\system32\profsvc.dll
2013-01-19 21:32:05 ----A---- C:\Windows\system32\synceng.dll
2013-01-19 21:31:57 ----A---- C:\Windows\system32\upnp.dll
2013-01-19 21:31:49 ----A---- C:\Windows\system32\WebClnt.dll
2013-01-19 21:31:48 ----A---- C:\Windows\system32\wscapi.dll
2013-01-19 21:31:48 ----A---- C:\Windows\system32\winhttp.dll
2013-01-19 21:31:48 ----A---- C:\Windows\system32\davclnt.dll
2013-01-19 21:31:47 ----A---- C:\Windows\system32\wscsvc.dll
2013-01-19 21:31:47 ----A---- C:\Windows\system32\slwga.dll
2013-01-19 21:31:30 ----A---- C:\Windows\system32\ntshrui.dll
2013-01-19 21:31:13 ----A---- C:\Windows\system32\FntCache.dll
2013-01-19 09:25:35 ----A---- C:\Windows\system32\atmlib.dll
2013-01-19 09:25:35 ----A---- C:\Windows\system32\atmfd.dll
2013-01-19 09:11:31 ----A---- C:\Windows\system32\Wdfres.dll
2013-01-19 09:11:31 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-01-19 09:11:31 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-01-19 09:08:10 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-01-19 09:08:10 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-01-19 09:08:07 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-01-19 09:08:07 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-01-19 09:08:02 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-01-19 09:08:01 ----A---- C:\Windows\system32\WUDFHost.exe
2013-01-19 09:08:00 ----A---- C:\Windows\system32\WUDFx.dll
2013-01-19 09:06:20 ----A---- C:\Windows\system32\wmi.dll
2013-01-19 09:06:20 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-01-19 09:06:19 ----A---- C:\Windows\system32\imagehlp.dll
2013-01-19 09:03:01 ----A---- C:\Windows\system32\urlmon.dll
2013-01-19 09:03:01 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-01-19 09:03:00 ----A---- C:\Windows\system32\wininet.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-01-19 09:03:00 ----A---- C:\Windows\system32\msrating.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\msls31.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\mshtmler.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\msfeedssync.exe
2013-01-19 09:03:00 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\jsproxy.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\ieui.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\iesysprep.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\iertutil.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\ieakeng.dll
2013-01-19 09:03:00 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-01-19 09:02:59 ----A---- C:\Windows\system32\ieframe.dll
2013-01-19 09:02:59 ----A---- C:\Windows\system32\dxtrans.dll
2013-01-19 09:02:59 ----A---- C:\Windows\system32\dxtmsft.dll
2013-01-19 09:02:58 ----A---- C:\Windows\system32\url.dll
2013-01-19 09:02:58 ----A---- C:\Windows\system32\iesetup.dll
2013-01-19 09:02:58 ----A---- C:\Windows\system32\iernonce.dll
2013-01-19 09:02:58 ----A---- C:\Windows\system32\iedkcs32.dll
2013-01-19 09:02:58 ----A---- C:\Windows\system32\ieapfltr.dll
2013-01-19 09:02:58 ----A---- C:\Windows\system32\ieapfltr.dat
2013-01-19 09:02:58 ----A---- C:\Windows\system32\ie4uinit.exe
2013-01-19 09:02:58 ----A---- C:\Windows\system32\icardie.dll
2013-01-19 09:02:57 ----A---- C:\Windows\system32\wextract.exe
2013-01-19 09:02:57 ----A---- C:\Windows\system32\webcheck.dll
2013-01-19 09:02:57 ----A---- C:\Windows\system32\vbscript.dll
2013-01-19 09:02:57 ----A---- C:\Windows\system32\mshtmled.dll
2013-01-19 09:02:57 ----A---- C:\Windows\system32\mshtml.dll
2013-01-19 09:02:57 ----A---- C:\Windows\system32\msfeeds.dll
2013-01-19 09:02:57 ----A---- C:\Windows\system32\licmgr10.dll
2013-01-19 09:02:57 ----A---- C:\Windows\system32\inseng.dll
2013-01-19 09:02:57 ----A---- C:\Windows\system32\iexpress.exe
2013-01-19 09:02:56 ----A---- C:\Windows\system32\pngfilt.dll
2013-01-19 09:02:56 ----A---- C:\Windows\system32\occache.dll
2013-01-19 09:02:56 ----A---- C:\Windows\system32\mshta.exe
2013-01-19 09:02:56 ----A---- C:\Windows\system32\jscript9.dll
2013-01-19 09:02:56 ----A---- C:\Windows\system32\jscript.dll
2013-01-19 09:02:56 ----A---- C:\Windows\system32\imgutil.dll
2013-01-19 09:02:56 ----A---- C:\Windows\system32\ieUnatt.exe
2013-01-19 09:02:56 ----A---- C:\Windows\system32\iepeers.dll
2013-01-19 09:02:56 ----A---- C:\Windows\system32\ieakui.dll
2013-01-19 09:02:56 ----A---- C:\Windows\system32\ieaksie.dll
2013-01-19 09:02:56 ----A---- C:\Windows\system32\admparse.dll
2013-01-19 08:58:44 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-01-19 08:58:43 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-01-19 08:58:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2013-01-19 08:58:35 ----A---- C:\Windows\system32\mf.dll
2013-01-19 08:58:34 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-01-19 08:49:02 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-01-19 08:49:02 ----A---- C:\Windows\system32\drivers\ks.sys
2013-01-19 08:43:13 ----A---- C:\Windows\system32\wcncsvc.dll
2013-01-18 21:34:06 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-01-18 21:34:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-01-18 20:47:18 ----A---- C:\Windows\system32\win32k.sys
2013-01-18 20:35:05 ----A---- C:\Windows\explorer.exe
2013-01-18 19:23:53 ----A---- C:\Windows\system32\shell32.dll
2013-01-18 18:58:31 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-01-18 18:57:00 ----A---- C:\Windows\system32\srcore.dll
2013-01-18 18:50:58 ----A---- C:\Windows\system32\secproc_ssp.dll
2013-01-18 18:50:58 ----A---- C:\Windows\system32\secproc_isv.dll
2013-01-18 18:50:58 ----A---- C:\Windows\system32\secproc.dll
2013-01-18 18:50:58 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2013-01-18 18:50:58 ----A---- C:\Windows\system32\RMActivate.exe
2013-01-18 18:50:57 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2013-01-18 18:50:57 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2013-01-18 18:50:57 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-01-18 18:50:40 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-01-18 18:50:17 ----A---- C:\Windows\system32\wintrust.dll
2013-01-18 18:50:02 ----A---- C:\Windows\system32\xmllite.dll
2013-01-18 18:49:59 ----A---- C:\Windows\system32\dpnet.dll
2013-01-18 18:49:55 ----A---- C:\Windows\system32\prevhost.exe
2013-01-18 18:48:40 ----A---- C:\Windows\system32\win32spl.dll
2013-01-18 18:45:23 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-18 18:44:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-01-18 18:44:20 ----A---- C:\Windows\system32\d2d1.dll
2013-01-18 18:44:18 ----A---- C:\Windows\system32\DWrite.dll
2013-01-18 18:44:18 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-01-18 18:44:17 ----A---- C:\Windows\system32\d3d10_1.dll
2013-01-18 18:44:10 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-01-18 18:41:51 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2013-01-18 18:09:46 ----D---- C:\Program Files\bitComposer Games
2013-01-18 14:16:24 ----A---- C:\Windows\system32\tzres.dll
2013-01-18 14:14:18 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-01-18 14:14:17 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-01-18 14:14:17 ----A---- C:\Windows\system32\cdd.dll
2013-01-18 14:07:31 ----A---- C:\Windows\system32\rdpcore.dll
2013-01-18 14:07:30 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-01-18 13:21:35 ----A---- C:\Windows\system32\wups2.dll
2013-01-18 13:21:35 ----A---- C:\Windows\system32\wuauclt.exe
2013-01-18 13:21:33 ----A---- C:\Windows\system32\wucltux.dll
2013-01-18 13:21:32 ----A---- C:\Windows\system32\wuaueng.dll
2013-01-18 13:21:06 ----A---- C:\Windows\system32\wups.dll
2013-01-18 13:21:06 ----A---- C:\Windows\system32\wudriver.dll
2013-01-18 13:21:06 ----A---- C:\Windows\system32\wuapi.dll
2013-01-18 13:20:38 ----A---- C:\Windows\system32\wuwebv.dll
2013-01-18 13:20:38 ----A---- C:\Windows\system32\wuapp.exe
2013-01-16 15:37:37 ----D---- C:\Program Files\Common Files\Nero
2013-01-16 15:00:21 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-01-16 14:59:39 ----A---- C:\Windows\system32\sdnclean.exe
2013-01-16 14:59:21 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2013-01-16 14:38:25 ----D---- C:\Windows\system32\appmgmt
2013-01-16 14:29:36 ----D---- C:\Program Files\Common Files\Java
2013-01-16 14:29:17 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-01-16 14:29:17 ----A---- C:\Windows\system32\javaws.exe
2013-01-16 14:28:36 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-01-16 14:28:36 ----A---- C:\Windows\system32\javaw.exe
2013-01-16 14:28:36 ----A---- C:\Windows\system32\java.exe
2013-01-16 14:28:09 ----D---- C:\Program Files\Java
2013-01-16 14:15:28 ----D---- C:\ProgramData\Sony
2013-01-16 14:15:27 ----D---- C:\Program Files\Sony
2013-01-16 10:50:46 ----D---- C:\Program Files\CCleaner
2013-01-16 10:28:45 ----D---- C:\Users\doma\AppData\Roaming\Avira
2013-01-16 10:22:22 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2013-01-16 10:22:21 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-01-16 10:22:21 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-01-16 10:22:20 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-01-16 10:22:17 ----D---- C:\ProgramData\Avira
2013-01-16 10:22:17 ----D---- C:\Program Files\Avira
2013-01-07 13:55:22 ----D---- C:\Program Files\Data Design Interactive

======List of files/folders modified in the last 1 month======

2013-01-24 21:35:52 ----D---- C:\Windows\Prefetch
2013-01-24 21:35:48 ----D---- C:\Program Files
2013-01-24 20:40:35 ----D---- C:\Windows\Temp
2013-01-24 19:42:52 ----SHD---- C:\System Volume Information
2013-01-24 15:03:30 ----D---- C:\Windows\System32
2013-01-24 15:03:30 ----D---- C:\Windows\inf
2013-01-24 15:03:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-24 15:00:48 ----D---- C:\Windows\system32\config
2013-01-24 14:33:50 ----D---- C:\Windows\system32\Tasks
2013-01-24 14:18:24 ----D---- C:\Windows\system32\NDF
2013-01-24 14:10:46 ----D---- C:\Windows\tracing
2013-01-24 14:01:37 ----SD---- C:\ProgramData\Microsoft
2013-01-24 11:57:54 ----SHD---- C:\Windows\Installer
2013-01-24 11:57:53 ----SHD---- C:\Config.Msi
2013-01-24 11:56:48 ----D---- C:\Windows\system32\drivers
2013-01-24 11:24:17 ----D---- C:\Windows
2013-01-24 11:18:07 ----D---- C:\Windows\Panther
2013-01-24 11:18:03 ----D---- C:\Windows\Minidump
2013-01-24 11:18:03 ----D---- C:\Windows\Logs
2013-01-24 11:10:19 ----D---- C:\Windows\system32\catroot
2013-01-24 11:10:18 ----D---- C:\Windows\system32\DriverStore
2013-01-23 21:37:18 ----RSD---- C:\Windows\assembly
2013-01-23 21:16:06 ----D---- C:\Windows\Microsoft.NET
2013-01-23 19:20:25 ----D---- C:\Program Files\Mozilla Firefox
2013-01-23 19:12:07 ----HD---- C:\ProgramData
2013-01-23 18:43:00 ----D---- C:\Windows\system32\catroot2
2013-01-23 13:55:24 ----D---- C:\Windows\winsxs
2013-01-23 13:44:04 ----D---- C:\Windows\system32\cs-CZ
2013-01-23 08:40:37 ----D---- C:\Windows\system32\en-US
2013-01-22 23:29:54 ----D---- C:\Windows\AppPatch
2013-01-22 23:29:51 ----D---- C:\Windows\ehome
2013-01-22 19:35:23 ----D---- C:\Program Files\Common Files
2013-01-22 19:06:41 ----D---- C:\Windows\system32\drivers\UMDF
2013-01-20 10:10:55 ----RSD---- C:\Windows\Fonts
2013-01-20 10:10:50 ----D---- C:\Program Files\Windows Journal
2013-01-19 11:42:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-01-19 11:42:49 ----D---- C:\Windows\system32\wbem
2013-01-19 11:42:42 ----D---- C:\Program Files\Internet Explorer
2013-01-19 11:42:35 ----D---- C:\Windows\PolicyDefinitions
2013-01-19 11:42:34 ----D---- C:\Windows\system32\migration
2013-01-18 19:14:36 ----HD---- C:\Program Files\InstallShield Installation Information
2013-01-18 19:14:36 ----D---- C:\Program Files\Rockstar Games
2013-01-18 19:10:38 ----D---- C:\Program Files\EA SPORTS
2013-01-18 19:09:31 ----D---- C:\Program Files\OpenOffice.org 3
2013-01-17 22:29:45 ----SHD---- C:\Recovery
2013-01-16 16:49:17 ----D---- C:\Windows\system32\drivers\etc
2013-01-16 15:38:48 ----D---- C:\ProgramData\Nero
2013-01-16 15:38:29 ----D---- C:\Program Files\Nero
2013-01-16 14:36:07 ----A---- C:\Windows\system32\MsiExec.exe.log
2013-01-16 14:28:15 ----A---- C:\Windows\system32\deployJava1.dll
2013-01-16 12:37:44 ----D---- C:\Windows\Tasks
2013-01-16 11:31:45 ----D---- C:\Windows\ModemLogs
2013-01-16 11:31:43 ----D---- C:\Windows\debug
2013-01-07 13:55:22 ----D---- C:\ProgramData\Tarma Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-12-04 26984]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-11-22 134336]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-11-22 36552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-11-27 83944]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-13 1131008]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2011-07-26 15544]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-09-20 73984]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2012-09-20 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-09-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-09-20 89856]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-09-20 26624]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-09-20 190976]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2012-09-20 195200]
S3 mbr;mbr; \??\C:\Users\doma\AppData\Local\Temp\mbr.sys []
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TF1D091010;TF1D091010; C:\Windows\system32\DRIVERS\TF1D091010.sys [2008-02-01 99968]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-02-15 43520]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-12-04 109344]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-01-16 2550224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 HWDeviceService.exe;HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 KMService;KMService; C:\Windows\system32\srvany.exe [2012-10-15 8192]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 vToolbarUpdater13.3.0;vToolbarUpdater13.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.0\ToolbarUpdater.exe [2012-12-04 894920]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [2012-09-20 655712]
S2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
S2 Sony Ericsson PC Companion download service;Sony Ericsson PC Companion download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\supserv.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-24 194032]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-28 1343400]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check

#5 Post by Márty84 »

In that case, I'm sorry. The forum rules are clear: http://forum.viry.cz/viewtopic.php?f=12&t=115512
Help CANNOT be given:
2) If the user's machine demonstrably contains illegal host or protective software (operating system, antivirus, firewall, etc.), the user must be guided to remedy this, e.g. by using free software, and work on the problem may begin only once the PC is "in order". If the user is unwilling to accept the rules, they must be asked to leave the forum and return once they comply.

By the way, only a madman would put such a Windows on a PC with 765 MB of RAM :roll:
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

martinleso
Visitor
Posts: 16
Joined: 10 Sep 2012 15:08

Re: Please check

#6 Post by martinleso »

Well, I know... :)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check

#7 Post by Márty84 »

But he probably doesn't, so explain it to him :D

:closed:

Locked