prosim o kontrolu

Zpráva

Rhonwyn · #1 Příspěvek od **Rhonwyn** » 11 dub 2013 13:32

Dobry den, dnes se mi objevil nejaky vyhledavac "delta" ve vsech prohlizecich. Snad se mi podarilo ho vymazat ale pro jistotu prosim o kontrolu. A taky jestli tam nejsou jine problemy. Dekuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Scarlett at 2013-04-11 14:28:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1597 GB (84%) free of 1908 GB
Total RAM: 8175 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:28:56, on 11.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Scarlett.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - Unknown owner - C:\Windows\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10584 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1904
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
atieclxx
"taskhost.exe"
RPMDaemon.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
"C:\Windows\system32\schtasks.exe" /create /tn "BrowserProtect" /ru "SYSTEM" /sc minute /mo 1 /tr "C:\Windows\system32\sc.exe start BrowserProtect" /st 00:00:00
"C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" /PROTECT
\??\C:\Windows\system32\conhost.exe "-281386571191076709-3406689323064332012385726448181541987604051751090248142
taskeng.exe {176C1CDB-28D7-41C1-ACC4-560C9DB59C4F}
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe"
taskeng.exe {05FB2833-93F4-486A-802A-9835AF6102C8}
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2248.0.443553729\1965796410" --supports-dual-gpus=false --gpu-vendor-id=0x1002 --gpu-device-id=0x6719 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/BookmarkPrompt/Disabled/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/HQPUseCursorPosition/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2248.2.877580517\561433137" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2248.3.1153173476\1422892201" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe16_ Global\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Scarlett\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-03-19 6305912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-03-19 4529272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-11 11776104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"=C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2010-08-23 2552320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2013-03-29 1631144]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2013-03-29 3497552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-13 204136]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"xfinder"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Users\Scarlett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-11 14:28:50 ----D---- C:\Program Files\trend micro
2013-04-11 14:28:49 ----D---- C:\rsit
2013-04-11 14:16:36 ----D---- C:\Program Files\CCleaner
2013-04-11 10:02:01 ----D---- C:\Windows\SYSWOW64\searchplugins
2013-04-11 10:02:01 ----D---- C:\Windows\SYSWOW64\Extensions
2013-04-11 10:01:57 ----D---- C:\ProgramData\BrowserProtect
2013-04-11 10:01:52 ----D---- C:\Users\Scarlett\AppData\Roaming\BabSolution
2013-04-11 10:01:26 ----D---- C:\Users\Scarlett\AppData\Roaming\Babylon
2013-04-11 10:01:26 ----D---- C:\ProgramData\Babylon
2013-04-11 00:32:49 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-11 00:32:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-11 00:32:49 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-11 00:32:48 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-11 00:32:48 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-11 00:32:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-11 00:32:48 ----A---- C:\Windows\system32\url.dll
2013-04-11 00:32:48 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-11 00:32:48 ----A---- C:\Windows\system32\ieui.dll
2013-04-11 00:32:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-11 00:32:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-11 00:32:47 ----A---- C:\Windows\system32\urlmon.dll
2013-04-11 00:32:47 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-11 00:32:47 ----A---- C:\Windows\system32\jscript9.dll
2013-04-11 00:32:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-11 00:32:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-11 00:32:46 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-11 00:32:46 ----A---- C:\Windows\system32\wininet.dll
2013-04-11 00:32:46 ----A---- C:\Windows\system32\vbscript.dll
2013-04-11 00:32:46 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-11 00:32:46 ----A---- C:\Windows\system32\jscript.dll
2013-04-11 00:32:45 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-11 00:32:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-11 00:32:45 ----A---- C:\Windows\system32\iertutil.dll
2013-04-11 00:32:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-11 00:32:43 ----A---- C:\Windows\system32\mshtml.dll
2013-04-11 00:32:42 ----A---- C:\Windows\system32\ieframe.dll
2013-04-11 00:32:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-10 10:26:39 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 10:26:38 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-10 10:26:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 10:26:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 10:26:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 10:26:34 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-10 10:26:34 ----A---- C:\Windows\system32\smss.exe
2013-04-10 10:26:34 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-09 17:48:45 ----HD---- C:\Windows\msdownld.tmp
2013-04-09 17:48:45 ----D---- C:\Windows\SYSWOW64\directx
2013-04-07 00:06:28 ----D---- C:\ProgramData\Solidshield
2013-04-06 23:58:57 ----D---- C:\Users\Scarlett\AppData\Roaming\Ubisoft
2013-04-06 23:50:46 ----D---- C:\Program Files (x86)\Ubisoft
2013-04-06 22:57:28 ----D---- C:\downloads
2013-04-06 22:57:13 ----D---- C:\Users\Scarlett\AppData\Roaming\GetRightToGo
2013-04-05 21:01:20 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2013-04-04 19:23:20 ----D---- C:\Users\Scarlett\AppData\Roaming\Curse Advertising
2013-04-02 20:45:29 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-03-29 15:51:15 ----D---- C:\Program Files (x86)\coolpro2
2013-03-26 02:19:54 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-25 11:51:23 ----D---- C:\Users\Scarlett\AppData\Roaming\Bioshock2
2013-03-25 11:50:21 ----RHD---- C:\Users\Scarlett\AppData\Roaming\SecuROM
2013-03-22 13:59:33 ----D---- C:\Users\Scarlett\AppData\Roaming\vlc
2013-03-22 13:56:56 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-22 13:56:40 ----A---- C:\Windows\SYSWOW64\ssinstall-uninstall.bat
2013-03-22 13:56:40 ----A---- C:\Windows\SYSWOW64\ssins.exe
2013-03-22 10:49:47 ----D---- C:\ProgramData\LogiShrd
2013-03-22 10:49:14 ----D---- C:\Users\Scarlett\AppData\Roaming\Leadertech
2013-03-22 10:48:38 ----D---- C:\Program Files\Common Files\logishrd
2013-03-22 10:48:23 ----D---- C:\Program Files (x86)\Logitech
2013-03-19 23:13:15 ----D---- C:\Users\Scarlett\AppData\Roaming\Macromedia
2013-03-17 22:27:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-17 22:27:06 ----D---- C:\Windows\SYSWOW64\Macromed
2013-03-17 22:27:06 ----D---- C:\Windows\system32\Macromed
2013-03-16 16:28:12 ----D---- C:\Windows\en
2013-03-16 16:27:40 ----D---- C:\Windows\cs
2013-03-16 16:26:17 ----D---- C:\Program Files (x86)\Windows Live
2013-03-16 15:55:45 ----D---- C:\Program Files (x86)\DsNET Corp
2013-03-16 15:53:20 ----D---- C:\Users\Scarlett\AppData\Roaming\Audacity
2013-03-16 15:53:03 ----D---- C:\Program Files (x86)\Audacity
2013-03-14 21:00:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2013-03-14 21:00:18 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-03-14 21:00:18 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-03-14 21:00:13 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2013-03-14 21:00:13 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-03-14 20:59:27 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-03-14 20:59:04 ----D---- C:\Windows\symbols
2013-03-14 20:59:04 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2013-03-14 20:59:04 ----D---- C:\Program Files\Microsoft Help Viewer
2013-03-14 20:59:04 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-03-14 20:58:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-14 20:57:07 ----D---- C:\Windows\PCHEALTH

======List of files/folders modified in the last 1 month======

2013-04-11 14:28:52 ----D---- C:\Windows\Temp
2013-04-11 14:28:50 ----RD---- C:\Program Files
2013-04-11 14:18:04 ----SHD---- C:\Windows\Installer
2013-04-11 14:17:45 ----D---- C:\Users\Scarlett\AppData\Roaming\TS3Client
2013-04-11 14:17:45 ----D---- C:\Program Files (x86)\Steam
2013-04-11 14:17:43 ----D---- C:\Windows\Panther
2013-04-11 14:17:43 ----D---- C:\Windows\Logs
2013-04-11 14:17:43 ----D---- C:\Windows\inf
2013-04-11 14:17:43 ----D---- C:\Windows\debug
2013-04-11 14:17:43 ----D---- C:\Windows
2013-04-11 14:16:38 ----D---- C:\Windows\system32\Tasks
2013-04-11 14:14:07 ----RD---- C:\Program Files (x86)
2013-04-11 14:13:59 ----D---- C:\Program Files (x86)\Google
2013-04-11 14:13:45 ----D---- C:\Windows\Tasks
2013-04-11 10:02:01 ----D---- C:\Windows\SysWOW64
2013-04-11 10:01:57 ----HD---- C:\ProgramData
2013-04-11 10:01:36 ----D---- C:\Windows\Prefetch
2013-04-11 09:17:46 ----D---- C:\Windows\system32\config
2013-04-11 07:43:37 ----D---- C:\Windows\System32
2013-04-11 07:43:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-11 07:37:08 ----D---- C:\Windows\winsxs
2013-04-11 07:35:46 ----D---- C:\Windows\system32\drivers
2013-04-11 07:35:46 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-11 07:35:45 ----D---- C:\Windows\SYSWOW64\migration
2013-04-11 07:35:45 ----D---- C:\Windows\system32\migration
2013-04-11 07:35:45 ----D---- C:\Program Files\Internet Explorer
2013-04-11 00:33:38 ----A---- C:\Windows\system32\MRT.exe
2013-04-11 00:33:03 ----D---- C:\Windows\system32\catroot
2013-04-11 00:33:00 ----D---- C:\Windows\system32\catroot2
2013-04-11 00:32:12 ----SHD---- C:\System Volume Information
2013-04-10 10:41:47 ----D---- C:\Program Files (x86)\World of Warcraft
2013-04-09 11:22:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-07 02:03:51 ----RSD---- C:\Windows\assembly
2013-04-06 23:55:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-05 21:01:21 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-04-05 20:59:02 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-04-03 13:08:56 ----D---- C:\Users\Scarlett\AppData\Roaming\Skype
2013-04-02 20:12:44 ----RD---- C:\Program Files (x86)\Skype
2013-03-30 11:25:36 ----D---- C:\Program Files (x86)\Origin
2013-03-29 15:55:08 ----SD---- C:\Users\Scarlett\AppData\Roaming\Microsoft
2013-03-29 15:55:08 ----SD---- C:\ProgramData\Microsoft
2013-03-29 15:54:50 ----A---- C:\Windows\win.ini
2013-03-29 15:54:50 ----A---- C:\Windows\system.ini
2013-03-26 11:13:29 ----D---- C:\Windows\system32\DriverStore
2013-03-24 22:07:46 ----D---- C:\Users\Scarlett\AppData\Roaming\Mumble
2013-03-23 20:24:46 ----RSD---- C:\Windows\Fonts
2013-03-22 10:48:38 ----D---- C:\Program Files\Common Files
2013-03-22 10:48:23 ----D---- C:\Program Files (x86)\Common Files
2013-03-22 00:59:52 ----D---- C:\Program Files (x86)\Diablo III
2013-03-17 22:27:32 ----D---- C:\ProgramData\Adobe
2013-03-16 17:15:21 ----D---- C:\Windows\Microsoft.NET
2013-03-16 16:26:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-16 04:31:46 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-16 04:31:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 21:04:29 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-14 20:59:27 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-12 19:14:25 ----D---- C:\Program Files (x86)\McAfee Security Scan
2013-03-12 01:10:56 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-03-07 40832]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-03-07 65280]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-04-11 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-11 2739176]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2013-03-16 30528]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
S3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-04-08 2569168]
R2 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-04-05 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-19 3289208]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2013-03-22 2317848]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-11 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-17 253656]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-11 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-02 116120]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-03-29 543656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 11 dub 2013 14:03

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje. Obrázek

#3 Příspěvek od **Mc_Murphy** » 11 dub 2013 14:07

Aktualizuj MS Internet Explorer na poslední verzi. I když používáš prohlížeč Google Chrome, aktualizace řeší spoustu problémů i v systému samotném.

Odinstaluj McAfee Security Scan Plus, bude se Ti tlouct s Avastem, který máš nainstalovaný. Po odinstalaci ještě spusť tento jejich odinstalátor (klik) - odebere případné nechtěné zbytky.

Až to všechno provedeš, tak stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulož jej nejlépe na Plochu.
Ukonči všechny programy!!
Spusť AdwCleaner.
Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Klikni na [Delete].
Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako C:\AdwCleaner [S1].txt - jeho obsah mi sem vlož.

Rhonwyn · #4 Příspěvek od **Rhonwyn** » 11 dub 2013 14:40

# AdwCleaner v2.200 - Log vytvooen 11/04/2013 v 15:36:10
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Scarlett - SCARLETT-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Scarlett\Downloads\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

Zastaveno & vymazáno : BrowserProtect

***** [Soubory / Složky] *****

Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\Users\Scarlett\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Složka Vymazáno : C:\Users\Scarlett\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Složka Vymazáno : C:\Users\Scarlett\AppData\Roaming\BabSolution
Složka Vymazáno : C:\Users\Scarlett\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\Scarlett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Soubor Vymazáno : C:\Users\Scarlett\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Soubor Vymazáno : C:\Users\Scarlett\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Vymazáno poi restartu : C:\ProgramData\BrowserProtect

***** [Registry] *****

Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Hodnota Vymazáno : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\BabylonToolbar
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\5357da8bbd3fe848
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\5357da8bbd3fe848
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Klíe Vymazáno : HKU\S-1-5-21-1571891557-798081717-1029897310-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry jsou eisté.

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Scarlett\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[S1].txt - [3225 octets] - [11/04/2013 15:36:10]

########## EOF - C:\AdwCleaner[S1].txt - [3285 octets] ##########

#5 Příspěvek od **Mc_Murphy** » 11 dub 2013 15:15

Teď stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ulož jej nejlépe na Plochu.
Ukonči všechny programy!
Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Počkej, než program dokončí Prescan.
Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452

Rhonwyn · #6 Příspěvek od **Rhonwyn** » 11 dub 2013 15:20

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Scarlett [Práva správce]
Mód : Kontrola -- Datum : 04/11/2013 16:20:04
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] CurseClient.exe -- C:\Users\Scarlett\AppData\Local\Apps\2.0\62JKL7J5.8KC\8V5PJGJL.M05\curs..tion_9e9e83ddf3ed3ead_0005.0001_35ab96b41397406c\CurseClient.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[TASK][SUSP PATH] EPUpdater : C:\Users\Scarlett\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD20EFRX-68AX9N0 ATA Device +++++
--- User ---
[MBR] ff02b6e658a534ce2dc4d62dbe9d9c13
[BSP] c8f97f7579e7850969aad1e1e37cb113 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_04112013_02d1620.txt >>
RKreport[1]_S_04112013_02d1620.txt

#7 Příspěvek od **Mc_Murphy** » 11 dub 2013 15:28

Takže provedeme opravy.

Ukonči všechny programy!
Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Počkej, než program dokončí Prescan.
Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
V záložce Registry nech všechny nálezy označeny.
Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.
Pak ještě klikni na tlačítko [Oprava Hosts] a potom opět na [Zpráva] - otevře se další log, který mi sem také vlož.

Rhonwyn · #8 Příspěvek od **Rhonwyn** » 11 dub 2013 15:40

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Scarlett [Práva správce]
Mód : Odebrat -- Datum : 04/11/2013 16:33:56
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[TASK][SUSP PATH] EPUpdater : C:\Users\Scarlett\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD20EFRX-68AX9N0 ATA Device +++++
--- User ---
[MBR] ff02b6e658a534ce2dc4d62dbe9d9c13
[BSP] c8f97f7579e7850969aad1e1e37cb113 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1907627 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_D_04112013_02d1633.txt >>
RKreport[1]_S_04112013_02d1620.txt ; RKreport[2]_S_04112013_02d1633.txt ; RKreport[3]_D_04112013_02d1633.txt

Rhonwyn · #9 Příspěvek od **Rhonwyn** » 11 dub 2013 15:41

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Scarlett [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/11/2013 16:40:40
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_04112013_02d1640.txt >>
RKreport[1]_S_04112013_02d1620.txt ; RKreport[2]_S_04112013_02d1633.txt ; RKreport[3]_D_04112013_02d1633.txt ; RKreport[4]_H_04112013_02d1640.txt

#10 Příspěvek od **Mc_Murphy** » 11 dub 2013 15:42

Delta Search se objevuje stále?

Vlož mi sem prosím nový aktuální log ze RSITu, ať se podívám, co se povedlo a co zatím ne.

Rhonwyn · #11 Příspěvek od **Rhonwyn** » 11 dub 2013 15:46

delta se neukazuje

Logfile of random's system information tool 1.09 (written by random/random)
Run by Scarlett at 2013-04-11 16:46:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1596 GB (84%) free of 1908 GB
Total RAM: 8175 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:46:02, on 11.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files\trend micro\Scarlett.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - Unknown owner - C:\Windows\SysWOW64\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10004 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {F07B5BBB-304B-4059-8BAD-7481EFE2B45B}
"C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2388
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
RPMDaemon.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4384.0.286196672\87882756" --supports-dual-gpus=false --gpu-vendor-id=0x1002 --gpu-device-id=0x6719 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/BookmarkPrompt/Disabled/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/HQPUseCursorPosition/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4384.2.1751696111\1949418938" /prefetch:3
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4384.5.634226285\1483853680" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/BookmarkPrompt/Disabled/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/HQPUseCursorPosition/OmniboxSearchSuggestTrialStarted2013Q1/12/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_65/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="4384.9.1383250931\1453297687" /prefetch:3
C:\Users\Scarlett\Desktop\RKreport[1]_S_04112013_02d1620.txt
C:\Users\Scarlett\Desktop\RKreport[3]_D_04112013_02d1633.txt
C:\Users\Scarlett\Desktop\RKreport[4]_H_04112013_02d1640.txt
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1571891557-798081717-1029897310-10006_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1571891557-798081717-1029897310-10006 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Scarlett\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-03-19 6305912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-03-19 4529272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-11 11776104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RPMKickstart"=C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [2010-08-23 2552320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2013-03-29 1631144]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2013-03-29 3497552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-13 204136]

C:\Users\Scarlett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-11 15:36:17 ----A---- C:\Windows\DeleteOnReboot.bat
2013-04-11 15:36:10 ----A---- C:\AdwCleaner[S1].txt
2013-04-11 15:29:33 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-04-11 15:21:41 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-04-11 15:18:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\wininet.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\wextract.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\webcheck.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\vbscript.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\urlmon.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\url.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\pngfilt.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\occache.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\msrating.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\msls31.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\mshtmler.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\mshtml.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\mshta.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\msfeedssync.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\licmgr10.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\jscript9.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\jscript.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\inseng.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\imgutil.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\iexpress.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\ieui.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\iesysprep.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\iesetup.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\iertutil.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\iernonce.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\iepeers.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\ieframe.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\iedkcs32.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\ieapfltr.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\ieapfltr.dat
2013-04-11 15:18:29 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\ie4uinit.exe
2013-04-11 15:18:29 ----A---- C:\Windows\system32\icardie.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\elshyph.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\dxtrans.dll
2013-04-11 15:18:29 ----A---- C:\Windows\system32\dxtmsft.dll
2013-04-11 14:28:50 ----D---- C:\Program Files\trend micro
2013-04-11 14:28:49 ----D---- C:\rsit
2013-04-11 14:16:36 ----D---- C:\Program Files\CCleaner
2013-04-11 10:02:01 ----D---- C:\Windows\SYSWOW64\searchplugins
2013-04-11 10:02:01 ----D---- C:\Windows\SYSWOW64\Extensions
2013-04-11 10:01:57 ----D---- C:\ProgramData\BrowserProtect
2013-04-10 10:26:39 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 10:26:38 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-10 10:26:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 10:26:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 10:26:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 10:26:34 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-10 10:26:34 ----A---- C:\Windows\system32\smss.exe
2013-04-10 10:26:34 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-09 17:48:45 ----HD---- C:\Windows\msdownld.tmp
2013-04-09 17:48:45 ----D---- C:\Windows\SYSWOW64\directx
2013-04-07 00:06:28 ----D---- C:\ProgramData\Solidshield
2013-04-06 23:58:57 ----D---- C:\Users\Scarlett\AppData\Roaming\Ubisoft
2013-04-06 23:50:46 ----D---- C:\Program Files (x86)\Ubisoft
2013-04-06 22:57:28 ----D---- C:\downloads
2013-04-06 22:57:13 ----D---- C:\Users\Scarlett\AppData\Roaming\GetRightToGo
2013-04-05 21:01:20 ----D---- C:\Program Files (x86)\Microsoft Chart Controls
2013-04-04 19:23:20 ----D---- C:\Users\Scarlett\AppData\Roaming\Curse Advertising
2013-04-02 20:45:29 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-03-29 15:51:15 ----D---- C:\Program Files (x86)\coolpro2
2013-03-26 02:19:54 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-25 11:51:23 ----D---- C:\Users\Scarlett\AppData\Roaming\Bioshock2
2013-03-25 11:50:21 ----RHD---- C:\Users\Scarlett\AppData\Roaming\SecuROM
2013-03-22 13:59:33 ----D---- C:\Users\Scarlett\AppData\Roaming\vlc
2013-03-22 13:56:56 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-22 13:56:40 ----A---- C:\Windows\SYSWOW64\ssinstall-uninstall.bat
2013-03-22 13:56:40 ----A---- C:\Windows\SYSWOW64\ssins.exe
2013-03-22 10:49:47 ----D---- C:\ProgramData\LogiShrd
2013-03-22 10:49:14 ----D---- C:\Users\Scarlett\AppData\Roaming\Leadertech
2013-03-22 10:48:38 ----D---- C:\Program Files\Common Files\logishrd
2013-03-22 10:48:23 ----D---- C:\Program Files (x86)\Logitech
2013-03-19 23:13:15 ----D---- C:\Users\Scarlett\AppData\Roaming\Macromedia
2013-03-17 22:27:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-17 22:27:06 ----D---- C:\Windows\SYSWOW64\Macromed
2013-03-17 22:27:06 ----D---- C:\Windows\system32\Macromed
2013-03-16 16:28:12 ----D---- C:\Windows\en
2013-03-16 16:27:40 ----D---- C:\Windows\cs
2013-03-16 16:26:17 ----D---- C:\Program Files (x86)\Windows Live
2013-03-16 15:55:45 ----D---- C:\Program Files (x86)\DsNET Corp
2013-03-16 15:53:20 ----D---- C:\Users\Scarlett\AppData\Roaming\Audacity
2013-03-16 15:53:03 ----D---- C:\Program Files (x86)\Audacity
2013-03-14 21:00:31 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2013-03-14 21:00:18 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-03-14 21:00:18 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-03-14 21:00:13 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2013-03-14 21:00:13 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-03-14 20:59:27 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-03-14 20:59:04 ----D---- C:\Windows\symbols
2013-03-14 20:59:04 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2013-03-14 20:59:04 ----D---- C:\Program Files\Microsoft Help Viewer
2013-03-14 20:59:04 ----D---- C:\Program Files (x86)\Microsoft SDKs
2013-03-14 20:58:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-14 20:57:07 ----D---- C:\Windows\PCHEALTH

======List of files/folders modified in the last 1 month======

2013-04-11 16:46:01 ----D---- C:\Windows\Temp
2013-04-11 15:51:02 ----D---- C:\Windows\system32\config
2013-04-11 15:42:14 ----D---- C:\Windows\System32
2013-04-11 15:42:14 ----D---- C:\Windows\inf
2013-04-11 15:42:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-11 15:39:03 ----D---- C:\Program Files (x86)\Steam
2013-04-11 15:36:17 ----D---- C:\Windows
2013-04-11 15:36:16 ----HD---- C:\ProgramData
2013-04-11 15:31:58 ----D---- C:\Windows\system32\Tasks
2013-04-11 15:30:23 ----D---- C:\Windows\Tasks
2013-04-11 15:29:33 ----D---- C:\Windows\SysWOW64
2013-04-11 15:27:31 ----RD---- C:\Program Files (x86)
2013-04-11 15:25:03 ----D---- C:\Windows\winsxs
2013-04-11 15:24:13 ----D---- C:\Windows\Panther
2013-04-11 15:23:38 ----D---- C:\Program Files\Internet Explorer
2013-04-11 15:22:26 ----D---- C:\Windows\SYSWOW64\migration
2013-04-11 15:22:26 ----D---- C:\Windows\SYSWOW64\en-US
2013-04-11 15:22:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-04-11 15:22:26 ----D---- C:\Windows\system32\cs-CZ
2013-04-11 15:22:26 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-11 15:22:25 ----D---- C:\Windows\system32\migration
2013-04-11 15:22:25 ----D---- C:\Windows\system32\en-US
2013-04-11 15:22:25 ----D---- C:\Windows\PolicyDefinitions
2013-04-11 15:21:22 ----D---- C:\Windows\Logs
2013-04-11 15:21:21 ----D---- C:\Windows\servicing
2013-04-11 15:21:08 ----D---- C:\Windows\system32\catroot
2013-04-11 15:19:32 ----D---- C:\Windows\system32\catroot2
2013-04-11 15:17:13 ----SHD---- C:\System Volume Information
2013-04-11 14:28:50 ----RD---- C:\Program Files
2013-04-11 14:18:04 ----SHD---- C:\Windows\Installer
2013-04-11 14:17:45 ----D---- C:\Users\Scarlett\AppData\Roaming\TS3Client
2013-04-11 14:17:43 ----D---- C:\Windows\debug
2013-04-11 14:13:59 ----D---- C:\Program Files (x86)\Google
2013-04-11 10:01:36 ----D---- C:\Windows\Prefetch
2013-04-11 07:35:46 ----D---- C:\Windows\system32\drivers
2013-04-11 00:33:38 ----A---- C:\Windows\system32\MRT.exe
2013-04-10 10:41:47 ----D---- C:\Program Files (x86)\World of Warcraft
2013-04-09 11:22:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-07 02:03:51 ----RSD---- C:\Windows\assembly
2013-04-06 23:55:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-04-05 21:01:21 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-04-05 20:59:02 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-04-03 13:08:56 ----D---- C:\Users\Scarlett\AppData\Roaming\Skype
2013-04-02 20:12:44 ----RD---- C:\Program Files (x86)\Skype
2013-03-30 11:25:36 ----D---- C:\Program Files (x86)\Origin
2013-03-29 15:55:08 ----SD---- C:\Users\Scarlett\AppData\Roaming\Microsoft
2013-03-29 15:55:08 ----SD---- C:\ProgramData\Microsoft
2013-03-29 15:54:50 ----A---- C:\Windows\win.ini
2013-03-29 15:54:50 ----A---- C:\Windows\system.ini
2013-03-26 11:13:29 ----D---- C:\Windows\system32\DriverStore
2013-03-24 22:07:46 ----D---- C:\Users\Scarlett\AppData\Roaming\Mumble
2013-03-23 20:24:46 ----RSD---- C:\Windows\Fonts
2013-03-22 10:48:38 ----D---- C:\Program Files\Common Files
2013-03-22 10:48:23 ----D---- C:\Program Files (x86)\Common Files
2013-03-22 00:59:52 ----D---- C:\Program Files (x86)\Diablo III
2013-03-17 22:27:32 ----D---- C:\ProgramData\Adobe
2013-03-16 17:15:21 ----D---- C:\Windows\Microsoft.NET
2013-03-16 16:26:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-16 04:31:46 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-16 04:31:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 21:04:29 ----D---- C:\Windows\system32\drivers\UMDF
2013-03-14 20:59:27 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-12 01:10:56 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-03-07 40832]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-03-07 65280]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-04-11 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-11 2739176]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2013-03-16 30528]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
S3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-04-05 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-19 3289208]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2013-03-22 2317848]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-11 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-17 253656]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-11 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-02 116120]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-03-29 543656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#12 Příspěvek od **Mc_Murphy** » 11 dub 2013 16:07

Tak to je dobře.

Fixni v HJT níže uvedené položky.

Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
Položky, které v seznamu nenajdeš, prostě přeskoč.
HJT najdeš zde: C:\Program Files\trend micro\Scarlett.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Potom stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš operační systém Windows Vista či Windows 7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[clearallrestorepoints]
[resethosts]
[purity]
[emptytemp]
[emptyflash]
[emptyjava]

:Services
AdobeARMservice
AdobeFlashPlayerUpdateSvc
gupdate
gupdatem
Skype C2C Service
SkypeUpdate

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\AdwCleaner[S1].txt

:Reg
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=-
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"=-
"{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=-
"Steam"=-
"EADM"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=-
"StartCCC"=-
"Adobe ARM"=-

Klikni na tlačítko [Opravit].
Po dokončení skenu se objeví log, ten mi sem vlož.
Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

Rhonwyn · #13 Příspěvek od **Rhonwyn** » 11 dub 2013 16:20

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Scarlett
->Temp folder emptied: 31960729 bytes
->Temporary Internet Files folder emptied: 51205991 bytes
->Google Chrome cache emptied: 59238454 bytes
->Flash cache emptied: 506 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 921217 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36124059 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 171,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Scarlett
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Scarlett

Total Java Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3301.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6103.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA0C1.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\AdwCleaner[S1].txt moved successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45d30484-7ded-43d9-957a-d2fd1f046511}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1d09c093-f71e-43c3-b948-19316cbd695e} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EADM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 04112013_171525

Files\Folders moved on Reboot...
C:\Users\Scarlett\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Scarlett\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#14 Příspěvek od **Mc_Murphy** » 11 dub 2013 16:22

OK, OTL provedlo, co mělo, takže po sobě už jen uklidím a máme hotovo.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stáhni a spusť.
Pro potvrzení volby mačkej A, Enter.
Po použití utilitu smaž ručně.
Antiviry mohou tuto utilitu chybně označit jako vir - jedná se o falešný poplach - takže v pohodě stáhni (případně vypni při stahování antivir)!

OTC http://oldtimer.geekstogo.com/OTC.exe

Stáhni a spusť.
Klikni na CleanUp a potvrď YES.
Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

Stáhni a spusť.
Klikni na Start a potvrď OK.
Program uklidí a může (nemusí) restartovat PC.
Po použití utilitu smaž ručně.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

Panel čistič
Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

Panel registry
Klikni na Hledej problémy.
Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

Panel nástroje
Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

Rhonwyn · #15 Příspěvek od **Rhonwyn** » 11 dub 2013 16:48

moc dekuji za pomoc. Muzete se jeste mrknout na notebook?

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ladinek at 2013-04-11 17:44:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 31 GB (7%) free of 461 GB
Total RAM: 4044 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:44:48, on 11.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\trend micro\Ladinek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL55 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10078 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe"
"C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe"
"C:\Program Files (x86)\Expat Shield\bin\hsswd.exe" -product Expat
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2248
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
atieclxx
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Users\Ladinek\AppData\Local\Apps\2.0\B3RRRN08.935\KPTLG9ZP.LVY\curs..tion_9e9e83ddf3ed3ead_0005.0001_35ab96b41397406c\CurseClient.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Ladinek\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ladinek\AppData\Roaming\Mozilla\Firefox\Profiles\5j5lec61.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
afurladvisor@anchorfree.com
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Ladinek\AppData\Roaming\Mozilla\Firefox\Profiles\5j5lec61.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
Expat Shield Class - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll [2012-01-05 287048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-03-19 6305912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
Expat Shield Class - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll [2012-01-05 233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-27 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-03-19 4529272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-27 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-06-02 1128448]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-09 2799912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Desura"=C:\Program Files (x86)\Desura\desura.exe [2012-11-02 2529096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desura]
C:\Program Files (x86)\Desura\desura.exe [2012-11-02 2529096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2012-12-15 3492504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2013-03-29 1631144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-04 642728]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\Users\Ladinek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-11 17:36:30 ----D---- C:\rsit
2013-04-11 03:01:54 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-11 03:01:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-11 03:01:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-11 03:01:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-11 03:01:51 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-11 03:01:51 ----A---- C:\Windows\system32\ieui.dll
2013-04-11 03:01:50 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-11 03:01:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-11 03:01:50 ----A---- C:\Windows\system32\url.dll
2013-04-11 03:01:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-11 03:01:49 ----A---- C:\Windows\system32\urlmon.dll
2013-04-11 03:01:48 ----A---- C:\Windows\system32\jscript9.dll
2013-04-11 03:01:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-11 03:01:47 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-11 03:01:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-11 03:01:46 ----A---- C:\Windows\system32\wininet.dll
2013-04-11 03:01:45 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-11 03:01:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-11 03:01:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-11 03:01:44 ----A---- C:\Windows\system32\vbscript.dll
2013-04-11 03:01:44 ----A---- C:\Windows\system32\jscript.dll
2013-04-11 03:01:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-11 03:01:43 ----A---- C:\Windows\system32\iertutil.dll
2013-04-11 03:01:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-11 03:01:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-11 03:01:38 ----A---- C:\Windows\system32\mshtml.dll
2013-04-11 03:01:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-11 03:01:36 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 14:09:58 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-04-10 14:09:58 ----A---- C:\Windows\system32\mstscax.dll
2013-04-10 14:09:57 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-04-10 14:09:56 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-04-10 14:09:56 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-10 14:09:56 ----A---- C:\Windows\system32\aaclient.dll
2013-04-10 14:09:52 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 14:09:51 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-10 14:09:50 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 14:09:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 14:09:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-10 14:09:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 14:09:43 ----A---- C:\Windows\system32\smss.exe
2013-04-10 14:09:43 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-10 14:09:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-04 19:18:35 ----D---- C:\Users\Ladinek\AppData\Roaming\Curse Advertising
2013-04-04 12:55:16 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-03-27 00:03:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-27 00:03:41 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-26 23:58:04 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2013-03-26 23:58:03 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-03-26 23:57:57 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-03-26 23:57:56 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-26 23:57:54 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-03-26 23:57:52 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2013-03-22 14:53:07 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-13 14:06:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2013-04-11 17:44:48 ----D---- C:\Windows\Temp
2013-04-11 17:44:48 ----D---- C:\Program Files\trend micro
2013-04-11 17:44:19 ----D---- C:\Windows\Prefetch
2013-04-11 17:44:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-11 17:43:46 ----D---- C:\ProgramData\Adobe
2013-04-11 17:36:28 ----D---- C:\Windows\system32\config
2013-04-11 16:34:37 ----SHD---- C:\System Volume Information
2013-04-11 13:44:05 ----D---- C:\Windows\winsxs
2013-04-11 13:42:25 ----D---- C:\Windows\SYSWOW64\migration
2013-04-11 13:42:25 ----D---- C:\Windows\SysWOW64
2013-04-11 13:42:25 ----D---- C:\Windows\system32\migration
2013-04-11 13:42:25 ----D---- C:\Windows\system32\drivers
2013-04-11 13:42:25 ----D---- C:\Windows\System32
2013-04-11 13:42:25 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-11 13:42:24 ----D---- C:\Program Files\Internet Explorer
2013-04-11 03:03:08 ----A---- C:\Windows\system32\MRT.exe
2013-04-11 03:02:16 ----D---- C:\Windows\system32\catroot
2013-04-11 03:02:15 ----D---- C:\Windows\system32\catroot2
2013-04-10 11:12:25 ----D---- C:\Windows\inf
2013-04-10 11:12:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-10 11:09:37 ----D---- C:\Program Files (x86)\Steam
2013-04-09 20:59:59 ----D---- C:\Users\Ladinek\AppData\Roaming\vlc
2013-04-09 00:13:48 ----SHD---- C:\Windows\Installer
2013-04-07 21:19:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-07 00:13:50 ----D---- C:\ProgramData\Skype
2013-04-07 00:13:47 ----RD---- C:\Program Files (x86)\Skype
2013-04-05 18:11:42 ----A---- C:\Windows\win.ini
2013-04-05 18:11:42 ----A---- C:\Windows\system.ini
2013-04-05 10:59:53 ----RD---- C:\Program Files (x86)
2013-03-27 00:03:37 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-27 00:03:36 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-03-27 00:03:36 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-27 00:03:36 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-27 00:03:34 ----D---- C:\Program Files (x86)\Java
2013-03-26 23:58:06 ----D---- C:\Windows\system32\DriverStore
2013-03-26 23:57:59 ----D---- C:\Windows\system32\Tasks
2013-03-26 23:57:50 ----D---- C:\Windows
2013-03-25 21:58:30 ----D---- C:\Users\Ladinek\AppData\Roaming\Skype
2013-03-23 11:18:50 ----A---- C:\Windows\c_28_pmon.ini
2013-03-22 19:00:30 ----RSD---- C:\Windows\assembly
2013-03-22 16:16:35 ----D---- C:\Windows\Logs
2013-03-14 17:01:10 ----D---- C:\Windows\rescache
2013-03-13 21:04:29 ----D---- C:\Windows\AppPatch
2013-03-12 01:10:56 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-03-07 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2013-03-07 263096]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 aswFW;avast! TDI Firewall Driver; \??\C:\Windows\system32\drivers\aswFW.sys [2013-03-07 127136]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-29 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-05 10692096]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-05 459264]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HssDrv;Expat Shield Routing Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2012-01-05 56832]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2011-12-15 351392]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2011-12-15 4862368]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2011-08-11 1582144]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-16 428136]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-06-02 528384]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-09 1451056]
R3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-01-05 37888]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2011-11-22 78208]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2012-06-15 296576]
S3 ALSysIO;ALSysIO; \??\C:\Users\Ladinek\AppData\Local\Temp\ALSysIO64.sys []
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-19 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-19 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-19 33792]
S3 usbser;ITL USB Serial; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-21 32768]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-05 239616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-03-07 136912]
R2 ExpatShieldService;Expat Shield Service; C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [2012-01-17 331608]
R2 ExpatSrv;Expat Shield Routing Service; C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2012-01-05 363336]
R2 ExpatWd;Expat Shield Monitoring Service; C:\Program Files (x86)\Expat Shield\bin\hsswd.exe [2012-01-05 329544]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-06 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-03-19 3289208]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-06-02 301568]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09 116648]
S2 MySQL55;MySQL55; C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\ProgramData\MySQL\MySQL Server 5.5\my.ini MySQL55 []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-11 256904]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Desura Install Service;Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-11-02 131912]
S3 ExpatTrayService;Expat Shield Tray Service; C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE [2012-01-17 77520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-09 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-25 543144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-20 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

VIRY.CZ

prosim o kontrolu

prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu

Re: prosim o kontrolu