prosím o kontrolu,pc nešlape na 100%

[Vaco]

ComboFix 13-07-07.01 - Volt 07.07.2013 14:32:29.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.2476 [GMT 2:00]
Spuštěný z: c:\users\Volt\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Volt\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeARMservice
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_BBSvc
-------\Service_BBUpdate
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-07 do 2013-07-07 )))))))))))))))))))))))))))))))
.
.
2013-07-07 12:49 . 2013-07-07 12:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-07 11:10 . 2013-07-07 11:50 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-07-07 08:10 . 2013-07-07 08:10 -------- d-----w- c:\users\Volt\AppData\Roaming\Malwarebytes
2013-07-07 08:10 . 2013-07-07 08:10 -------- d-----w- c:\programdata\Malwarebytes
2013-07-07 07:24 . 2013-07-07 07:24 512 ----a-w- C:\PhysicalMBR.bin
2013-07-06 19:46 . 2013-07-06 19:46 -------- d-----w- C:\rsit
2013-07-06 18:49 . 2013-06-17 00:10 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C4F8FC4A-FED5-4D79-A341-EF2D73B44FE0}\mpengine.dll
2013-07-06 18:37 . 2013-05-31 13:46 -------- d-----w- c:\users\Volt\AppData\Roaming\Portable
2013-07-06 18:37 . 2013-05-18 10:20 -------- d-----w- c:\users\Volt\AppData\Roaming\.purple
2013-07-05 15:50 . 2013-07-05 15:50 -------- d-----w- C:\Games
2013-07-02 16:19 . 2013-07-02 16:19 -------- d-----w- c:\programdata\Steam
2013-07-02 15:49 . 2013-07-02 16:17 -------- d-----w- c:\program files (x86)\GRID 2
2013-07-02 15:38 . 2013-07-02 15:38 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-06-28 18:13 . 2013-06-28 18:13 -------- d-----w- c:\program files (x86)\rFactor2
2013-06-25 17:55 . 2013-06-25 17:55 -------- d-----w- c:\program files (x86)\DsNET Corp
2013-06-25 17:54 . 2013-06-25 17:54 -------- d-----w- c:\windows\Downloaded Installations
2013-06-19 16:19 . 2013-05-28 13:05 163328 ----a-w- c:\windows\SysWow64\FlashPlayerUpdateService.exe
2013-06-19 16:19 . 2013-06-19 16:19 -------- d-----w- c:\users\Volt\AppData\Roaming\File Scout
2013-06-15 13:40 . 2012-06-09 17:21 178688 ----a-w- c:\windows\SysWow64\unrar.dll
2013-06-12 16:54 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-23 17:47 . 2013-03-31 15:20 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-06-23 17:47 . 2013-03-01 17:37 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-06-12 21:15 . 2012-11-28 16:50 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 16:57 . 2012-11-29 10:21 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 16:57 . 2012-11-29 10:21 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-08 04:36 . 2012-07-17 13:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2012-11-28 16:42 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 16:49 . 2013-05-01 16:49 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-01 16:48 . 2013-05-01 16:49 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-01 16:48 . 2013-05-01 16:49 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-30 18:27 . 2013-04-30 18:27 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-04-30 18:27 . 2013-04-30 18:27 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-04-30 18:27 . 2013-04-30 18:27 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-04-30 18:27 . 2013-04-30 18:27 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-04-30 18:27 . 2013-04-30 18:27 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-04-30 18:27 . 2013-04-30 18:27 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-04-30 18:27 . 2013-04-30 18:27 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-04-30 18:27 . 2013-04-30 18:27 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 18:27 . 2013-04-30 18:27 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-30 18:27 . 2013-04-30 18:27 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-04-30 18:27 . 2013-04-30 18:27 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-04-30 18:27 . 2013-04-30 18:27 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-04-30 18:27 . 2013-04-30 18:27 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-04-30 18:27 . 2013-04-30 18:27 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-04-30 18:27 . 2013-04-30 18:27 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-04-30 18:27 . 2013-04-30 18:27 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-04-30 18:27 . 2013-04-30 18:27 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-04-30 18:27 . 2013-04-30 18:27 216064 ----a-w- c:\windows\system32\msls31.dll
2013-04-30 18:27 . 2013-04-30 18:27 197120 ----a-w- c:\windows\system32\msrating.dll
2013-04-30 18:27 . 2013-04-30 18:27 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-04-30 18:27 . 2013-04-30 18:27 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-30 18:27 . 2013-04-30 18:27 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-30 18:27 . 2013-04-30 18:27 81408 ----a-w- c:\windows\system32\icardie.dll
2013-04-30 18:27 . 2013-04-30 18:27 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-04-30 18:27 . 2013-04-30 18:27 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-04-30 18:27 . 2013-04-30 18:27 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-04-30 18:27 . 2013-04-30 18:27 441856 ----a-w- c:\windows\system32\html.iec
2013-04-30 18:27 . 2013-04-30 18:27 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-04-30 18:27 . 2013-04-30 18:27 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-30 18:27 . 2013-04-30 18:27 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-04-30 18:27 . 2013-04-30 18:27 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-04-30 18:27 . 2013-04-30 18:27 235008 ----a-w- c:\windows\system32\url.dll
2013-04-30 18:27 . 2013-04-30 18:27 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-04-30 18:27 . 2013-04-30 18:27 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-30 18:27 . 2013-04-30 18:27 144896 ----a-w- c:\windows\system32\wextract.exe
2013-04-30 18:27 . 2013-04-30 18:27 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-04-30 18:27 . 2013-04-30 18:27 102912 ----a-w- c:\windows\system32\inseng.dll
2013-04-30 18:27 . 2013-04-30 18:27 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 18:27 . 2013-04-30 18:27 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-04-30 18:27 . 2013-04-30 18:27 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-04-30 18:27 . 2013-04-30 18:27 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-04-30 18:27 . 2013-04-30 18:27 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-30 18:27 . 2013-04-30 18:27 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-30 18:27 . 2013-04-30 18:27 149504 ----a-w- c:\windows\system32\occache.dll
2013-04-30 18:27 . 2013-04-30 18:27 13824 ----a-w- c:\windows\system32\mshta.exe
2013-04-30 18:27 . 2013-04-30 18:27 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-04-30 18:27 . 2013-04-30 18:27 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-30 18:27 . 2013-04-30 18:27 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-04-30 18:27 . 2013-04-30 18:27 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-04-21 14:57 . 2013-04-21 14:57 5632 ----a-r- c:\users\Volt\AppData\Roaming\Microsoft\Installer\{FEF198EE-DF2E-47B3-A556-B195706E667D}\IconFEF198EE3.exe
2013-04-21 14:57 . 2013-04-21 14:57 5632 ----a-r- c:\users\Volt\AppData\Roaming\Microsoft\Installer\{FEF198EE-DF2E-47B3-A556-B195706E667D}\IconFEF198EE.exe
2013-04-21 14:57 . 2013-04-21 14:57 4608 ----a-r- c:\users\Volt\AppData\Roaming\Microsoft\Installer\{FEF198EE-DF2E-47B3-A556-B195706E667D}\IconFEF198EE4.exe
2013-04-21 14:57 . 2013-04-21 14:57 4608 ----a-r- c:\users\Volt\AppData\Roaming\Microsoft\Installer\{FEF198EE-DF2E-47B3-A556-B195706E667D}\IconFEF198EE1.exe
2013-04-13 05:49 . 2013-05-15 15:52 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 15:52 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 15:52 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 15:52 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 15:52 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 15:52 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 15:38 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 15:52 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 15:52 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 15:52 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2013-04-02 01:01 1467528 ----a-w- c:\program files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2013-3-31 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\Drivers\NSHE.SYS;c:\windows\SYSNATIVE\Drivers\NSHE.SYS [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys;c:\windows\SYSNATIVE\DRIVERS\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.gamepark.cz/hra/call-of-duty-2
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
FF - ProfilePath - c:\users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
.
**************************************************************************
.
Celkový čas: 2013-07-07 15:02:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-07 13:02
ComboFix2.txt 2013-07-07 10:37
.
Před spuštěním: Volných bajtů: 55 985 709 056
Po spuštění: Volných bajtů: 55 502 696 448
.
- - End Of File - - 27D1BF145716DCB72B269867799418E6
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

[Vaco]

# AdwCleaner v2.304 - Log vytvooen 07/07/2013 v 15:48:59
# Aktualizováno 03/07/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : Volt - VOLT-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Volt\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\PutLockerDownloader
Složka Nalezeno : C:\Program Files (x86)\TornTV.com
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\Tarma Installer
Složka Nalezeno : C:\Users\Volt\AppData\Local\PutLockerDownloader
Složka Nalezeno : C:\Users\Volt\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Volt\AppData\Roaming\file scout
Složka Nalezeno : C:\Users\Volt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
Složka Nalezeno : C:\Users\Volt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Nalezeno : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\bprotector_extensions.sqlite
Soubor Nalezeno : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\bprotector_prefs.js
Soubor Nalezeno : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\searchplugins\Babylon.xml
Soubor Nalezeno : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\searchplugins\BrowserProtect.xml

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\BabSolution
Klíe Nalezeno : HKCU\Software\BabylonToolbar
Klíe Nalezeno : HKCU\Software\filescout
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Nalezeno : HKCU\Software\5957dbdcb26eb815
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKLM\Software\AVG Secure Search
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\PutLockerDownloader
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASMANCS
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\5957dbdcb26eb815
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dnnajmlhehgnkclpdlggknanmcplloej
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíe Nalezeno : HKU\S-1-5-21-2226736138-1397900802-714468208-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16611

[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.delta-search.com/?affID=119776&tt=0 ... F049010C92

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\prefs.js

Nalezeno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119776&tt=070312_w3&babs[...]
Nalezeno : user_pref("avg.install.userSPSettings", "Delta Search");
Nalezeno : user_pref("browser.search.order.1", "Delta Search");

*************************

AdwCleaner[R1].txt - [4167 octets] - [07/07/2013 15:48:59]

########## EOF - C:\AdwCleaner[R1].txt - [4227 octets] ##########

[Márty84]

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.

[Vaco]

# AdwCleaner v2.304 - Log vytvooen 07/07/2013 v 16:07:44
# Aktualizováno 03/07/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : Volt - VOLT-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Volt\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\PutLockerDownloader
Složka Vymazáno : C:\Program Files (x86)\TornTV.com
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\BrowserProtect
Složka Vymazáno : C:\ProgramData\Tarma Installer
Složka Vymazáno : C:\Users\Volt\AppData\Local\PutLockerDownloader
Složka Vymazáno : C:\Users\Volt\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\Volt\AppData\Roaming\file scout
Složka Vymazáno : C:\Users\Volt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com
Složka Vymazáno : C:\Users\Volt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Soubor Vymazáno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Soubor Vymazáno : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\bprotector_extensions.sqlite
Soubor Vymazáno : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\bprotector_prefs.js
Soubor Vymazáno : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\searchplugins\Babylon.xml
Soubor Vymazáno : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\searchplugins\BrowserProtect.xml

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíe Vymazáno : HKCU\Software\1ClickDownload
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\BabSolution
Klíe Vymazáno : HKCU\Software\BabylonToolbar
Klíe Vymazáno : HKCU\Software\filescout
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Vymazáno : HKCU\Software\5957dbdcb26eb815
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKLM\Software\AVG Secure Search
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\PutLockerDownloader
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASMANCS
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\5957dbdcb26eb815
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dnnajmlhehgnkclpdlggknanmcplloej
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\prefs.js

C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\user.js ... Vymazáno !

Vymazáno : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119776&tt=070312_w3&babs[...]
Vymazáno : user_pref("avg.install.userSPSettings", "Delta Search");
Vymazáno : user_pref("browser.search.order.1", "Delta Search");

*************************

AdwCleaner[R1].txt - [4292 octets] - [07/07/2013 15:48:59]
AdwCleaner[S1].txt - [4026 octets] - [07/07/2013 16:07:44]

########## EOF - C:\AdwCleaner[S1].txt - [4086 octets] ##########

[Márty84]

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784

[Vaco]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Volt at 2013-07-07 16:14:50
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 53 GB (20%) free of 272 GB
Total RAM: 4094 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:14:54, on 7.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Program Files\trend micro\Volt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gamepark.cz/hra/call-of-duty-2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9281 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=c722854a-9d0c-4446-b05f-0133c89d0d37 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\b9f5ac13-4276-4061-816d-d36312a7521f-188-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
taskeng.exe {D04EF41B-42C4-4EE9-B8FA-EE90EDCA31E0}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2148
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\schtasks.exe" /create /tn "AdobeFlashPlayerUpdate" /ru "SYSTEM" /sc hourly /mo 1 /tr "C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w" /st 00:00:00
\??\C:\Windows\system32\conhost.exe "1754922771-17669217542087388532-1273965222-23711764-20287416101710247231644724894
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4872.112a6500.1417162663 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4872 "\\.\pipe\gecko-crash-server-pipe.4872" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe" --proxy-stub-channel=Flash4680.6B21D910.12296 --host-broker-channel=Flash4680.6B21D910.20222 --host-pid=4680 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe" --channel=668.003AF4B8.101817372 --proxy-stub-channel=Flash4680.6B21D910.12296 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Volt\Desktop\RSITx64(1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll [2013-04-02 1467528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-05-01 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-05-01 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll [2013-04-02 1467528]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-05-29 449248]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe [2012-11-29 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-06-28 2255184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-07-07 16:14:50 ----D---- C:\Program Files\trend micro
2013-07-07 16:07:44 ----A---- C:\AdwCleaner[S1].txt
2013-07-07 15:48:59 ----A---- C:\AdwCleaner[R1].txt
2013-07-07 15:03:06 ----A---- C:\ComboFix.txt
2013-07-07 14:53:18 ----D---- C:\$RECYCLE.BIN
2013-07-07 13:10:17 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-07 12:24:48 ----A---- C:\Windows\zip.exe
2013-07-07 12:24:48 ----A---- C:\Windows\SWSC.exe
2013-07-07 12:24:48 ----A---- C:\Windows\SWREG.exe
2013-07-07 12:24:48 ----A---- C:\Windows\sed.exe
2013-07-07 12:24:48 ----A---- C:\Windows\PEV.exe
2013-07-07 12:24:48 ----A---- C:\Windows\NIRCMD.exe
2013-07-07 12:24:48 ----A---- C:\Windows\MBR.exe
2013-07-07 12:24:48 ----A---- C:\Windows\grep.exe
2013-07-07 12:23:03 ----D---- C:\Qoobox
2013-07-07 12:22:45 ----D---- C:\Windows\erdnt
2013-07-07 10:10:43 ----D---- C:\Users\Volt\AppData\Roaming\Malwarebytes
2013-07-07 10:10:30 ----D---- C:\ProgramData\Malwarebytes
2013-07-06 22:19:24 ----A---- C:\Windows\ntbtlog.txt
2013-07-06 21:46:17 ----D---- C:\rsit
2013-07-06 20:37:55 ----D---- C:\Users\Volt\AppData\Roaming\WinRAR
2013-07-06 20:37:55 ----D---- C:\Users\Volt\AppData\Roaming\Portable
2013-07-06 20:37:55 ----D---- C:\Users\Volt\AppData\Roaming\.purple
2013-07-05 17:50:12 ----D---- C:\Games
2013-07-02 18:19:36 ----D---- C:\ProgramData\Steam
2013-07-02 17:49:37 ----D---- C:\Program Files (x86)\GRID 2
2013-07-02 17:38:22 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-06-28 20:13:30 ----D---- C:\Program Files (x86)\rFactor2
2013-06-25 19:55:32 ----D---- C:\Program Files (x86)\DsNET Corp
2013-06-25 19:54:28 ----D---- C:\Windows\Downloaded Installations
2013-06-19 18:19:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerUpdateService.exe
2013-06-16 03:05:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-16 03:05:40 ----A---- C:\Windows\system32\urlmon.dll
2013-06-16 03:05:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-16 03:05:39 ----A---- C:\Windows\system32\iertutil.dll
2013-06-16 03:05:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-16 03:05:38 ----A---- C:\Windows\system32\ieui.dll
2013-06-16 03:05:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-16 03:05:37 ----A---- C:\Windows\system32\ieframe.dll
2013-06-16 03:05:35 ----A---- C:\Windows\system32\mshtml.dll
2013-06-16 03:05:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-15 15:40:16 ----A---- C:\Windows\SYSWOW64\unrar.dll
2013-06-12 23:15:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-12 23:15:21 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-12 23:15:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-12 23:15:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-12 23:15:21 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-12 23:15:21 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-12 23:15:21 ----A---- C:\Windows\system32\iesetup.dll
2013-06-12 23:15:21 ----A---- C:\Windows\system32\iernonce.dll
2013-06-12 23:15:21 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-12 23:15:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-12 23:15:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-12 23:15:20 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-12 23:15:20 ----A---- C:\Windows\system32\jscript.dll
2013-06-12 23:15:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-12 23:15:19 ----A---- C:\Windows\system32\jscript9.dll
2013-06-12 23:15:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-12 23:15:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-12 23:15:17 ----A---- C:\Windows\system32\wininet.dll
2013-06-12 23:15:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-12 18:54:37 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 18:54:36 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 18:54:36 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 18:54:31 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 18:54:31 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 18:54:28 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 18:54:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 18:54:26 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 18:54:26 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 18:54:26 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 18:54:26 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 18:54:26 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 18:54:19 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 18:54:19 ----A---- C:\Windows\system32\d3d11.dll

======List of files/folders modified in the last 1 month======

2013-07-07 16:14:50 ----RD---- C:\Program Files
2013-07-07 16:14:13 ----D---- C:\Windows\System32
2013-07-07 16:14:13 ----D---- C:\Windows\inf
2013-07-07 16:14:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-07 16:09:58 ----D---- C:\Windows\Prefetch
2013-07-07 16:09:11 ----D---- C:\Windows\SYSWOW64\drivers
2013-07-07 16:08:17 ----D---- C:\Windows\system32\config
2013-07-07 16:07:49 ----RD---- C:\Program Files (x86)
2013-07-07 16:07:49 ----D---- C:\ProgramData
2013-07-07 15:57:01 ----D---- C:\Windows\Temp
2013-07-07 15:36:49 ----SHD---- C:\System Volume Information
2013-07-07 15:03:28 ----D---- C:\Windows\system32\drivers
2013-07-07 14:53:28 ----D---- C:\Windows
2013-07-07 14:53:28 ----A---- C:\Windows\system.ini
2013-07-07 14:53:16 ----D---- C:\Windows\system32\drivers\etc
2013-07-07 14:40:39 ----D---- C:\Windows\Tasks
2013-07-07 14:35:35 ----D---- C:\Windows\SysWOW64
2013-07-07 14:35:35 ----D---- C:\Windows\AppPatch
2013-07-07 14:35:34 ----D---- C:\Program Files (x86)\Common Files
2013-07-07 12:34:15 ----SD---- C:\Users\Volt\AppData\Roaming\Microsoft
2013-07-07 12:17:52 ----D---- C:\Windows\system32\Tasks
2013-07-07 12:17:17 ----AD---- C:\ADCDA2
2013-07-07 08:43:45 ----D---- C:\ProgramData\MFAData
2013-07-06 22:18:39 ----D---- C:\Windows\system32\catroot2
2013-07-06 21:19:57 ----D---- C:\Users\Volt\AppData\Roaming\DAEMON Tools Lite
2013-07-06 21:19:39 ----D---- C:\Users\Volt\AppData\Roaming\uTorrent
2013-07-06 21:19:39 ----D---- C:\Users\Volt\AppData\Roaming\TS3Client
2013-07-06 21:19:34 ----D---- C:\Windows\Panther
2013-07-06 21:19:34 ----D---- C:\Windows\Logs
2013-07-06 21:19:34 ----D---- C:\Windows\debug
2013-07-06 20:51:19 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-07-06 16:36:22 ----D---- C:\Users\Volt\AppData\Roaming\vlc
2013-07-05 19:53:05 ----D---- C:\Users\Volt\AppData\Roaming\Wargaming.net
2013-07-05 17:50:26 ----SHD---- C:\Windows\Installer
2013-07-05 17:50:21 ----D---- C:\Windows\SYSWOW64\directx
2013-07-04 21:14:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 22:30:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:19:37 ----D---- C:\ProgramData\Codemasters
2013-07-02 18:10:35 ----RSD---- C:\Windows\assembly
2013-06-29 22:39:12 ----D---- C:\Users\Volt\AppData\Roaming\ICQ
2013-06-24 16:07:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 20:35:35 ----A---- C:\Windows\NeroDigital.ini
2013-06-23 19:47:48 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-06-16 19:43:00 ----D---- C:\Program Files (x86)\Czech Soccer Manager 2002 FE
2013-06-16 03:22:40 ----D---- C:\Windows\winsxs
2013-06-16 03:21:14 ----D---- C:\Program Files\Internet Explorer
2013-06-16 03:21:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-16 03:05:53 ----D---- C:\Windows\system32\catroot
2013-06-14 22:54:07 ----D---- C:\Windows\rescache
2013-06-13 19:32:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-13 19:32:06 ----D---- C:\Windows\system32\cs-CZ
2013-06-12 23:18:25 ----D---- C:\ProgramData\Microsoft Help
2013-06-12 23:15:57 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 18:57:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-16 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-01 283200]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 36936]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28 163328]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-06-28 2470736]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-03-31 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2013-06-23 214520]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13 116648]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-02-09 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-02-09 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-03 117144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-11-15 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Márty84]

Vypnete antivir, at nebrani programu v praci!
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[ClearAllRestorePoints]

:services
AdobeFlashPlayerUpdateSvc
Nero BackItUp Scheduler 3
gupdate
gupdatem
NMIndexingService

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2226736138-1397900802-714468208-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=1197 ... F049010C92
IE - HKU\S-1-5-21-2226736138-1397900802-714468208-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.gamepark.cz/space/?$SPA [Binary data over 200 bytes]
IE - HKU\S-1-5-21-2226736138-1397900802-714468208-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gamepark.cz/hra/call-of-duty-2
IE - HKU\S-1-5-21-2226736138-1397900802-714468208-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2226736138-1397900802-714468208-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2226736138-1397900802-714468208-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2226736138-1397900802-714468208-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119776&tt=070312_w3&babsrc=SP_ss&mntrId=2A556CF049010C92
FF - prefs.js..browser.search.order.1: "Delta Search"
[2013.05.01 19:37:39 | 000,006,510 | ---- | M] () -- C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\searchplugins\babylon.xml
[2013.05.01 19:37:39 | 000,006,510 | ---- | M] () -- C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\searchplugins\BrowserProtect.xml
[2013.03.13 18:38:46 | 000,006,507 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O4 - HKU\S-1-5-21-2226736138-1397900802-714468208-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2013.03.13 18:38:37 | 000,000,000 | ---D | M] -- C:\Users\Volt\AppData\Roaming\Babylon
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{eec0f710-38b5-4aba-99bf-ec87564a4e13}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[Vaco]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Volt
->Temp folder emptied: 467398 bytes
->Temporary Internet Files folder emptied: 1366908 bytes
->Java cache emptied: 147043 bytes
->FireFox cache emptied: 412521963 bytes
->Flash cache emptied: 2813 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8405015 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42287620 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 444,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Volt
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service Nero BackItUp Scheduler 3 stopped successfully!
Service Nero BackItUp Scheduler 3 deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2226736138-1397900802-714468208-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
HKU\S-1-5-21-2226736138-1397900802-714468208-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-2226736138-1397900802-714468208-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-2226736138-1397900802-714468208-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-2226736138-1397900802-714468208-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2226736138-1397900802-714468208-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2226736138-1397900802-714468208-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Prefs.js: "Delta Search" removed from browser.search.order.1
File C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\searchplugins\babylon.xml not found.
File C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default\searchplugins\BrowserProtect.xml not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml not found.
Registry value HKEY_USERS\S-1-5-21-2226736138-1397900802-714468208-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File/Folder C:\Windows\*.tmp not found.
Folder C:\Users\Volt\AppData\Roaming\Babylon\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7A4D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP952D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPABB9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP434.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9F6A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAC9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 07072013_164340

Files\Folders moved on Reboot...
C:\Users\Volt\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Volt\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Zopakujte postup s OTL, tentokrat s timto skriptem.

Kód: Vybrat vše

:commands
[EMPTYTEMP]

:otl
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak dejte novy log z RSIT a napiste, jak je na tom pc.

[Vaco]

log z OTL a pokračuju dál podle instrukcí

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Volt
->Temp folder emptied: 434347 bytes
->Temporary Internet Files folder emptied: 96282 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 17011149 bytes
->Flash cache emptied: 492 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8405015 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 25,00 mb

========== OTL ==========
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 07072013_170152

Files\Folders moved on Reboot...
C:\Users\Volt\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Volt\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Fajn

[Vaco]

vše hotovo,zdá se mi,že pc je o něco rychlejší a taky už neblbne AVG(problikávalo okno programu)

zde je log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Volt at 2013-07-08 17:05:16
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 56 GB (21%) free of 272 GB
Total RAM: 4094 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:05:19, on 8.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\trend micro\Volt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7927 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=59c14501-37fa-465e-813a-5b106f795656 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\d5393768-acc2-4f54-ab99-fc4960eeaf66-188-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
taskeng.exe {A355C3FE-DD28-4FFB-A4AC-E9E4F4473870}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2096
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\schtasks.exe" /create /tn "AdobeFlashPlayerUpdate" /ru "SYSTEM" /sc hourly /mo 1 /tr "C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w" /st 00:00:00
\??\C:\Windows\system32\conhost.exe "1013731088-379517103-266721831-820180710-50733505729961775311435808082071122354
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe" /AppMode=UPDATE /pri=4 /sched=3 /source=inet /path=""
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Volt\Desktop\RSITx64(1).exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Volt\AppData\Roaming\Mozilla\Firefox\Profiles\lzku3pmh.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-05-01 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-05-01 171424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-05-29 449248]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-06-28 2255184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-07-08 17:05:16 ----D---- C:\rsit
2013-07-07 17:22:53 ----D---- C:\Program Files\Defraggler
2013-07-07 17:18:51 ----D---- C:\Program Files\CCleaner
2013-07-07 17:13:58 ----SHD---- C:\$RECYCLE.BIN
2013-07-07 16:14:50 ----D---- C:\Program Files\trend micro
2013-07-07 13:10:17 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-07 10:10:43 ----D---- C:\Users\Volt\AppData\Roaming\Malwarebytes
2013-07-07 10:10:30 ----D---- C:\ProgramData\Malwarebytes
2013-07-06 20:37:55 ----D---- C:\Users\Volt\AppData\Roaming\WinRAR
2013-07-06 20:37:55 ----D---- C:\Users\Volt\AppData\Roaming\Portable
2013-07-06 20:37:55 ----D---- C:\Users\Volt\AppData\Roaming\.purple
2013-07-05 17:50:12 ----D---- C:\Games
2013-07-02 18:19:36 ----D---- C:\ProgramData\Steam
2013-07-02 17:49:37 ----D---- C:\Program Files (x86)\GRID 2
2013-07-02 17:38:22 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-06-28 20:13:30 ----D---- C:\Program Files (x86)\rFactor2
2013-06-25 19:55:32 ----D---- C:\Program Files (x86)\DsNET Corp
2013-06-25 19:54:28 ----D---- C:\Windows\Downloaded Installations
2013-06-19 18:19:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerUpdateService.exe
2013-06-16 03:05:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-16 03:05:40 ----A---- C:\Windows\system32\urlmon.dll
2013-06-16 03:05:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-16 03:05:39 ----A---- C:\Windows\system32\iertutil.dll
2013-06-16 03:05:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-16 03:05:38 ----A---- C:\Windows\system32\ieui.dll
2013-06-16 03:05:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-16 03:05:37 ----A---- C:\Windows\system32\ieframe.dll
2013-06-16 03:05:35 ----A---- C:\Windows\system32\mshtml.dll
2013-06-16 03:05:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-15 15:40:16 ----A---- C:\Windows\SYSWOW64\unrar.dll
2013-06-12 23:15:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-12 23:15:21 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-12 23:15:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-12 23:15:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-12 23:15:21 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-12 23:15:21 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-12 23:15:21 ----A---- C:\Windows\system32\iesetup.dll
2013-06-12 23:15:21 ----A---- C:\Windows\system32\iernonce.dll
2013-06-12 23:15:21 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-12 23:15:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-12 23:15:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-12 23:15:20 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-12 23:15:20 ----A---- C:\Windows\system32\jscript.dll
2013-06-12 23:15:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-12 23:15:19 ----A---- C:\Windows\system32\jscript9.dll
2013-06-12 23:15:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-12 23:15:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-12 23:15:17 ----A---- C:\Windows\system32\wininet.dll
2013-06-12 23:15:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-12 18:54:37 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 18:54:36 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 18:54:36 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 18:54:31 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 18:54:31 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 18:54:28 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-12 18:54:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 18:54:26 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 18:54:26 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 18:54:26 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 18:54:26 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 18:54:26 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 18:54:26 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 18:54:19 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 18:54:19 ----A---- C:\Windows\system32\d3d11.dll

======List of files/folders modified in the last 1 month======

2013-07-08 17:05:19 ----D---- C:\Windows\Prefetch
2013-07-08 17:05:09 ----D---- C:\ProgramData\MFAData
2013-07-08 17:04:16 ----D---- C:\Windows\System32
2013-07-08 17:04:16 ----D---- C:\Windows\inf
2013-07-08 17:04:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-08 17:03:23 ----D---- C:\Windows\system32\config
2013-07-08 17:00:01 ----D---- C:\Windows
2013-07-07 21:58:11 ----D---- C:\Windows\Temp
2013-07-07 21:58:07 ----SHD---- C:\System Volume Information
2013-07-07 17:22:53 ----RD---- C:\Program Files
2013-07-07 17:18:52 ----D---- C:\Windows\system32\Tasks
2013-07-07 17:16:54 ----D---- C:\Windows\SYSWOW64\drivers
2013-07-07 17:06:04 ----D---- C:\Windows\system32\drivers
2013-07-07 16:44:24 ----D---- C:\Windows\system32\drivers\etc
2013-07-07 16:07:49 ----RD---- C:\Program Files (x86)
2013-07-07 16:07:49 ----D---- C:\ProgramData
2013-07-07 14:53:28 ----A---- C:\Windows\system.ini
2013-07-07 14:40:39 ----D---- C:\Windows\Tasks
2013-07-07 14:35:35 ----D---- C:\Windows\SysWOW64
2013-07-07 14:35:35 ----D---- C:\Windows\AppPatch
2013-07-07 14:35:34 ----D---- C:\Program Files (x86)\Common Files
2013-07-07 12:34:15 ----SD---- C:\Users\Volt\AppData\Roaming\Microsoft
2013-07-07 12:17:17 ----AD---- C:\ADCDA2
2013-07-06 22:18:39 ----D---- C:\Windows\system32\catroot2
2013-07-06 21:19:57 ----D---- C:\Users\Volt\AppData\Roaming\DAEMON Tools Lite
2013-07-06 21:19:39 ----D---- C:\Users\Volt\AppData\Roaming\uTorrent
2013-07-06 21:19:39 ----D---- C:\Users\Volt\AppData\Roaming\TS3Client
2013-07-06 21:19:34 ----D---- C:\Windows\Panther
2013-07-06 21:19:34 ----D---- C:\Windows\Logs
2013-07-06 21:19:34 ----D---- C:\Windows\debug
2013-07-06 20:51:19 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-07-06 16:36:22 ----D---- C:\Users\Volt\AppData\Roaming\vlc
2013-07-05 19:53:05 ----D---- C:\Users\Volt\AppData\Roaming\Wargaming.net
2013-07-05 17:50:26 ----SHD---- C:\Windows\Installer
2013-07-05 17:50:21 ----D---- C:\Windows\SYSWOW64\directx
2013-07-04 21:14:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 22:30:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:19:37 ----D---- C:\ProgramData\Codemasters
2013-07-02 18:10:35 ----RSD---- C:\Windows\assembly
2013-06-29 22:39:12 ----D---- C:\Users\Volt\AppData\Roaming\ICQ
2013-06-24 16:07:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 20:35:35 ----A---- C:\Windows\NeroDigital.ini
2013-06-23 19:47:48 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-06-16 19:43:00 ----D---- C:\Program Files (x86)\Czech Soccer Manager 2002 FE
2013-06-16 03:22:40 ----D---- C:\Windows\winsxs
2013-06-16 03:21:14 ----D---- C:\Program Files\Internet Explorer
2013-06-16 03:21:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-16 03:05:53 ----D---- C:\Windows\system32\catroot
2013-06-14 22:54:07 ----D---- C:\Windows\rescache
2013-06-13 19:32:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-13 19:32:06 ----D---- C:\Windows\system32\cs-CZ
2013-06-12 23:18:25 ----D---- C:\ProgramData\Microsoft Help
2013-06-12 23:15:57 ----A---- C:\Windows\system32\MRT.exe
2013-06-12 18:57:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-16 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-01 283200]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-27 36936]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28 163328]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-06-28 2470736]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-03-31 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2013-06-23 214520]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-02-09 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-02-09 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-03 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-29 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Márty84]

Log vypada cisty. Pokud nemate AVG koupene, doporucuji ho vymenit. Nemame ho tu moc radi.

Je tedy momentalne s pc nejaky problem? Nebo to muzem uzavrit?

[Vaco]

Nevím už o žádném problému,tak to můžeme ukončit.

Děkuji moc za ochotné a rychlé vyřešení.