prosím o kontrolu

[LLUCIE]

Dobrý den. Můj počítač mne neustále odkazuje na adresu : hxxp://www.google.com/sorry/?continue=http://w ... ie%3DUTF-8
Projela jsem ho antivirem i AdvancedSystem care, nic. Tudíž prosím o kontrolu. Moc děkuji.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucka at 2013-07-26 16:24:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 2 GB (5%) free of 40 GB
Total RAM: 3033 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:24:26, on 26.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Search Protection\SearchProtection.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [SearchProtection] C:\ProgramData\Search Protection\_run.bat
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE /FU "C:\Windows\TEMP\E_S3A9.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series (kopie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE /FU "C:\Windows\TEMP\E_SB607.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12530 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 4432304
\??\C:\Windows\system32\conhost.exe "-222079257-3938799792045955345-909173128-1796117341110869631804197407-47650253
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {2788A993-B237-44E3-B3DC-09AB5E3CEE97}
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2420
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\hkcmd.exe
C:\Windows\system32\igfxtray.exe
C:\Windows\system32\igfxpers.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
SearchProtection.exe -n "Ad-Aware Search Protection" -hp "securesearch.lavasoft.com" -sp "lavasoft.blekko.com"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3712.0.1189323732\34333307" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --disable-accelerated-2d-canvas --channel="3712.3.593706953\1336608597" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --disable-accelerated-2d-canvas --channel="3712.4.1184865091\1302555348" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3712.19.1940193572\579363580" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --disable-accelerated-2d-canvas --channel="3712.21.1509472672\1332920508" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --disable-accelerated-2d-canvas --channel="3712.25.1238203162\401289797" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding1 channel:stable/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --disable-accelerated-2d-canvas --channel="3712.38.1152878864\1916632494" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Lucka\Downloads\RSITx64 (1).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815483257-3944322823-750039739-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815483257-3944322823-750039739-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-06-13 205472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-03-09 877760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
Ad-Aware Security Add-on - C:\Program Files (x86)\adawaretb\adawareDx.dll [2013-02-11 87464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
W2PBrowser Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-08-23 1236992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2013-03-09 704704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2013-06-03 1725128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{6c97a91e-4524-4019-86af-2aa2d567bf5c} - Ad-Aware Security Add-on - C:\Program Files (x86)\adawaretb\adawareDx.dll [2013-02-11 87464]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-11 11369576]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-05 2586504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]
"EPSON Stylus Photo R340 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE [2006-12-26 211456]
"EPSON Stylus Photo R340 Series (kopie 1)"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE [2006-12-26 211456]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2013-01-31 542632]
"SearchProtection"=C:\ProgramData\Search Protection\_run.bat [2013-05-04 168]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-26 16:16:24 ----D---- C:\Program Files\trend micro
2013-07-26 16:16:23 ----D---- C:\rsit
2013-07-22 12:44:36 ----ASH---- C:\pagefile.sys
2013-07-12 22:59:41 ----D---- C:\Program Files (x86)\GUM266C.tmp
2013-07-12 22:59:41 ----A---- C:\Program Files (x86)\GUT266D.tmp
2013-07-11 11:32:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-11 11:32:44 ----A---- C:\Windows\system32\ieui.dll
2013-07-11 11:32:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-11 11:32:41 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\iesetup.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\iernonce.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-11 11:32:40 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-11 11:32:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-11 11:32:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 11:32:40 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-11 11:32:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-11 11:32:39 ----A---- C:\Windows\system32\iertutil.dll
2013-07-11 11:32:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-11 11:32:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-11 11:32:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-11 11:32:35 ----A---- C:\Windows\system32\jscript.dll
2013-07-11 11:32:32 ----A---- C:\Windows\system32\jscript9.dll
2013-07-11 11:32:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-11 11:32:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-11 11:32:27 ----A---- C:\Windows\system32\urlmon.dll
2013-07-11 11:32:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-11 11:32:24 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-11 11:32:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-11 11:32:21 ----A---- C:\Windows\system32\wininet.dll
2013-07-11 11:32:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-11 11:32:13 ----A---- C:\Windows\system32\ieframe.dll
2013-07-11 11:32:11 ----A---- C:\Windows\system32\mshtml.dll
2013-07-11 11:32:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 11:28:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-10 10:23:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 10:23:26 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 10:23:25 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 10:23:24 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 10:23:23 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 10:22:52 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 10:22:52 ----A---- C:\Windows\system32\DWrite.dll

======List of files/folders modified in the last 1 month======

2013-07-26 16:24:24 ----D---- C:\Windows\Temp
2013-07-26 16:21:08 ----D---- C:\Windows\Prefetch
2013-07-26 16:16:24 ----RD---- C:\Program Files
2013-07-26 16:02:48 ----SHD---- C:\System Volume Information
2013-07-26 16:01:21 ----D---- C:\Windows\system32\config
2013-07-26 15:31:38 ----D---- C:\Program Files (x86)\Opera
2013-07-26 15:29:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-26 15:16:06 ----D---- C:\Windows
2013-07-26 15:16:04 ----D---- C:\Windows\debug
2013-07-26 15:15:59 ----HD---- C:\ProgramData
2013-07-26 11:28:08 ----D---- C:\Users\Lucka\AppData\Roaming\Winamp
2013-07-25 18:42:25 ----D---- C:\Program Files (x86)\The KMPlayer
2013-07-25 18:21:52 ----D---- C:\Windows\System32
2013-07-25 18:21:52 ----D---- C:\Windows\inf
2013-07-25 18:21:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-25 18:14:34 ----D---- C:\Windows\system32\drivers
2013-07-25 18:14:28 ----D---- C:\Windows\system32\pt-PT
2013-07-25 18:14:28 ----D---- C:\Windows\system32\pt-BR
2013-07-25 18:14:27 ----D---- C:\Windows\system32\nl-NL
2013-07-25 18:14:27 ----D---- C:\Windows\system32\it-IT
2013-07-25 18:14:27 ----D---- C:\Windows\system32\fr-FR
2013-07-25 18:14:27 ----D---- C:\Windows\system32\es-ES
2013-07-25 18:14:27 ----D---- C:\Windows\system32\en-US
2013-07-25 18:14:27 ----D---- C:\Windows\system32\drivers\UMDF
2013-07-25 18:14:27 ----D---- C:\Windows\system32\de-DE
2013-07-25 18:14:24 ----D---- C:\Windows\system32\catroot
2013-07-25 18:14:21 ----D---- C:\Windows\system32\DriverStore
2013-07-21 23:47:52 ----D---- C:\Users\Lucka\AppData\Roaming\Skype
2013-07-14 10:21:05 ----SHD---- C:\Windows\Installer
2013-07-14 10:21:05 ----SHD---- C:\Config.Msi
2013-07-14 01:23:48 ----D---- C:\Windows\Microsoft.NET
2013-07-14 01:08:19 ----RSD---- C:\Windows\assembly
2013-07-12 23:14:03 ----D---- C:\Program Files (x86)
2013-07-12 23:03:18 ----D---- C:\Windows\winsxs
2013-07-12 23:02:05 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-12 23:02:04 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 23:00:54 ----D---- C:\Program Files\Windows Defender
2013-07-12 23:00:54 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 23:00:53 ----D---- C:\Windows\SysWOW64
2013-07-12 23:00:53 ----D---- C:\Program Files\Internet Explorer
2013-07-12 23:00:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-12 23:00:51 ----D---- C:\Program Files\Windows Journal
2013-07-11 16:07:04 ----D---- C:\ProgramData\Microsoft Help
2013-07-11 16:02:09 ----D---- C:\Users\Lucka\AppData\Roaming\Mozilla
2013-07-11 11:42:32 ----A---- C:\Windows\system32\MRT.exe
2013-07-11 11:33:16 ----D---- C:\Windows\system32\catroot2
2013-07-11 11:19:26 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936]
R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-05-04 14456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-08-10 111616]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-08-11 2454760]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-04-29 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-04-29 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2006-12-15 126464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-26 257416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-23 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte na Search (hledat)
Proběhne skenováni a pak se objeví log, který sem vložte.

[LLUCIE]

# AdwCleaner v2.306 - Log vytvooen 26/07/2013 v 18:19:53
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Lucka - LUCKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Lucka\Desktop\AdwCleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\adawaretb
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\ProgramData\adawaretb
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\blekko toolbars
Složka Nalezeno : C:\ProgramData\search protection
Složka Nalezeno : C:\ProgramData\Tarma Installer
Složka Nalezeno : C:\Users\Lucka\AppData\Local\APN
Složka Nalezeno : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Složka Nalezeno : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Složka Nalezeno : C:\Users\Lucka\AppData\Local\Temp\AskSearch
Složka Nalezeno : C:\Users\Lucka\AppData\LocalLow\adawaretb
Složka Nalezeno : C:\Users\Lucka\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Lucka\AppData\Roaming\BabSolution
Složka Nalezeno : C:\Users\Lucka\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\adawaretb
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\BabylonToolbar
Klíe Nalezeno : HKCU\Software\DataMngr
Klíe Nalezeno : HKCU\Software\DataMngr_Toolbar
Klíe Nalezeno : HKCU\Software\Google\Chrome\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Klíe Nalezeno : HKCU\Software\Google\Chrome\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\5d4dadbb03eb842
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíe Nalezeno : HKLM\Software\adawaretb
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\5d4dadbb03eb842
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Tarma Installer
Klíe Nalezeno : HKU\S-1-5-21-1815483257-3944322823-750039739-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-1815483257-3944322823-750039739-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.2478] : homepage = "hxxp://search.conduit.com/?ctid=CT3297947&SearchSource=48&CUI=UN39064036964300272&UM=1",
Nalezeno [l.2693] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3297947&SearchSource=48&CUI=UN39064036964300272&UM=1" ]

-\\ Opera v12.16.1860.0

Soubor : C:\Users\Lucka\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5198 octets] - [26/07/2013 18:19:53]

########## EOF - C:\AdwCleaner[R1].txt - [5258 octets] ##########

[Rudy]

Spusťte znovu ADWCleaner a klikněte na >Delete< (smazat). Vložte nový log.

[LLUCIE]

# AdwCleaner v2.306 - Log vytvooen 26/07/2013 v 19:02:40
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Lucka - LUCKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Lucka\Desktop\AdwCleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\adawaretb
Složka Vymazáno : C:\ProgramData\adawaretb
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\blekko toolbars
Složka Vymazáno : C:\ProgramData\search protection
Složka Vymazáno : C:\ProgramData\Tarma Installer
Složka Vymazáno : C:\Users\Lucka\AppData\Local\APN
Složka Vymazáno : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Složka Vymazáno : C:\Users\Lucka\AppData\Local\Temp\AskSearch
Složka Vymazáno : C:\Users\Lucka\AppData\LocalLow\adawaretb
Složka Vymazáno : C:\Users\Lucka\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\Lucka\AppData\Roaming\BabSolution
Složka Vymazáno : C:\Users\Lucka\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Vymazáno poi restartu : C:\Program Files (x86)\Conduit
Vymazáno poi restartu : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Klíe Vymazáno : HKCU\Software\1ClickDownload
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\adawaretb
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\BabylonToolbar
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\DataMngr_Toolbar
Klíe Vymazáno : HKCU\Software\Google\Chrome\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\5d4dadbb03eb842
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíe Vymazáno : HKLM\Software\adawaretb
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\5d4dadbb03eb842
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cpcidiiiodpbjdkbhldlebfbnidpgaih
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Tarma Installer

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.2482] : homepage = "hxxp://search.conduit.com/?ctid=CT3297947&SearchSource=48&CUI=UN39064036964300272&UM[...]
Vymazáno [l.2699] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3297947&SearchSource=48&CUI[...]

-\\ Opera v12.16.1860.0

Soubor : C:\Users\Lucka\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5319 octets] - [26/07/2013 18:19:53]
AdwCleaner[S1].txt - [4744 octets] - [26/07/2013 19:02:40]

########## EOF - C:\AdwCleaner[S1].txt - [4804 octets] ##########

[Rudy]

Dejte nový log RSIT.

[LLUCIE]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucka at 2013-07-26 19:48:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 2 GB (4%) free of 40 GB
Total RAM: 3033 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:48:27, on 26.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files\trend micro\Lucka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [SearchProtection] C:\ProgramData\Search Protection\_run.bat
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE /FU "C:\Windows\TEMP\E_S3A9.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series (kopie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE /FU "C:\Windows\TEMP\E_SB607.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ConduitFloatingPlugin_cpcidiiiodpbjdkbhldlebfbnidpgaih] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3297947\plugins\TBVerifier.dll",RunConduitFloatingPlugin cpcidiiiodpbjdkbhldlebfbnidpgaih
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11905 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 4834256
\??\C:\Windows\system32\conhost.exe "833335374-363576427-417679898-36796359-1665707774-26853899-2126511406-244628299
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {6D55D1E2-8175-4B4D-9C98-198FC1D5F69F}
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2444
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\igfxext.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\Windows\SysWOW64\rundll32.exe" "C:\Program Files (x86)\Conduit\CT3297947\plugins\TBVerifier.dll",RunConduitFloatingPlugin cpcidiiiodpbjdkbhldlebfbnidpgaih
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe"
"C:\Users\Lucka\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815483257-3944322823-750039739-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815483257-3944322823-750039739-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-06-13 205472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-03-09 877760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
W2PBrowser Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-08-23 1236992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2013-03-09 704704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2013-06-03 1725128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-11 11369576]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-05 2586504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]
"EPSON Stylus Photo R340 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE [2006-12-26 211456]
"EPSON Stylus Photo R340 Series (kopie 1)"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE [2006-12-26 211456]
"ConduitFloatingPlugin_cpcidiiiodpbjdkbhldlebfbnidpgaih"=C:\Windows\SysWOW64\Rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2013-01-31 542632]
"SearchProtection"=C:\ProgramData\Search Protection\_run.bat []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-26 19:02:40 ----A---- C:\AdwCleaner[S1].txt
2013-07-26 18:19:53 ----A---- C:\AdwCleaner[R1].txt
2013-07-26 18:16:36 ----D---- C:\Program Files (x86)\Conduit
2013-07-26 16:16:24 ----D---- C:\Program Files\trend micro
2013-07-26 16:16:23 ----D---- C:\rsit
2013-07-22 12:44:36 ----ASH---- C:\pagefile.sys
2013-07-12 22:59:41 ----D---- C:\Program Files (x86)\GUM266C.tmp
2013-07-12 22:59:41 ----A---- C:\Program Files (x86)\GUT266D.tmp
2013-07-11 11:32:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-11 11:32:44 ----A---- C:\Windows\system32\ieui.dll
2013-07-11 11:32:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-11 11:32:41 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\iesetup.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\iernonce.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-11 11:32:40 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-11 11:32:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-11 11:32:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 11:32:40 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-11 11:32:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-11 11:32:39 ----A---- C:\Windows\system32\iertutil.dll
2013-07-11 11:32:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-11 11:32:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-11 11:32:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-11 11:32:35 ----A---- C:\Windows\system32\jscript.dll
2013-07-11 11:32:32 ----A---- C:\Windows\system32\jscript9.dll
2013-07-11 11:32:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-11 11:32:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-11 11:32:27 ----A---- C:\Windows\system32\urlmon.dll
2013-07-11 11:32:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-11 11:32:24 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-11 11:32:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-11 11:32:21 ----A---- C:\Windows\system32\wininet.dll
2013-07-11 11:32:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-11 11:32:13 ----A---- C:\Windows\system32\ieframe.dll
2013-07-11 11:32:11 ----A---- C:\Windows\system32\mshtml.dll
2013-07-11 11:32:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 11:28:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-10 10:23:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 10:23:26 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 10:23:25 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 10:23:24 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 10:23:23 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 10:22:52 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 10:22:52 ----A---- C:\Windows\system32\DWrite.dll

======List of files/folders modified in the last 1 month======

2013-07-26 19:48:25 ----D---- C:\Windows\Temp
2013-07-26 19:19:49 ----D---- C:\Windows\Prefetch
2013-07-26 19:18:25 ----D---- C:\Windows
2013-07-26 19:17:53 ----D---- C:\Windows\system32\config
2013-07-26 19:15:40 ----D---- C:\Program Files (x86)
2013-07-26 19:15:39 ----HD---- C:\ProgramData
2013-07-26 16:16:24 ----RD---- C:\Program Files
2013-07-26 16:02:48 ----SHD---- C:\System Volume Information
2013-07-26 15:31:38 ----D---- C:\Program Files (x86)\Opera
2013-07-26 15:29:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-26 15:16:04 ----D---- C:\Windows\debug
2013-07-26 11:28:08 ----D---- C:\Users\Lucka\AppData\Roaming\Winamp
2013-07-25 18:42:25 ----D---- C:\Program Files (x86)\The KMPlayer
2013-07-25 18:21:52 ----D---- C:\Windows\System32
2013-07-25 18:21:52 ----D---- C:\Windows\inf
2013-07-25 18:21:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-25 18:14:34 ----D---- C:\Windows\system32\drivers
2013-07-25 18:14:28 ----D---- C:\Windows\system32\pt-PT
2013-07-25 18:14:28 ----D---- C:\Windows\system32\pt-BR
2013-07-25 18:14:27 ----D---- C:\Windows\system32\nl-NL
2013-07-25 18:14:27 ----D---- C:\Windows\system32\it-IT
2013-07-25 18:14:27 ----D---- C:\Windows\system32\fr-FR
2013-07-25 18:14:27 ----D---- C:\Windows\system32\es-ES
2013-07-25 18:14:27 ----D---- C:\Windows\system32\en-US
2013-07-25 18:14:27 ----D---- C:\Windows\system32\drivers\UMDF
2013-07-25 18:14:27 ----D---- C:\Windows\system32\de-DE
2013-07-25 18:14:24 ----D---- C:\Windows\system32\catroot
2013-07-25 18:14:21 ----D---- C:\Windows\system32\DriverStore
2013-07-21 23:47:52 ----D---- C:\Users\Lucka\AppData\Roaming\Skype
2013-07-14 10:21:05 ----SHD---- C:\Windows\Installer
2013-07-14 10:21:05 ----SHD---- C:\Config.Msi
2013-07-14 01:23:48 ----D---- C:\Windows\Microsoft.NET
2013-07-14 01:08:19 ----RSD---- C:\Windows\assembly
2013-07-12 23:03:18 ----D---- C:\Windows\winsxs
2013-07-12 23:02:05 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-12 23:02:04 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 23:00:54 ----D---- C:\Program Files\Windows Defender
2013-07-12 23:00:54 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 23:00:53 ----D---- C:\Windows\SysWOW64
2013-07-12 23:00:53 ----D---- C:\Program Files\Internet Explorer
2013-07-12 23:00:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-12 23:00:51 ----D---- C:\Program Files\Windows Journal
2013-07-11 16:07:04 ----D---- C:\ProgramData\Microsoft Help
2013-07-11 16:02:09 ----D---- C:\Users\Lucka\AppData\Roaming\Mozilla
2013-07-11 11:42:32 ----A---- C:\Windows\system32\MRT.exe
2013-07-11 11:33:16 ----D---- C:\Windows\system32\catroot2
2013-07-11 11:19:26 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936]
R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-05-04 14456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-08-10 111616]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-08-11 2454760]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-04-29 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-04-29 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2006-12-15 126464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-26 257416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-23 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815483257-3944322823-750039739-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815483257-3944322823-750039739-1000UA.job
C:\Program Files (x86)\GUM266C.tmp
C:\Program Files (x86)\GUT266D.tmp

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ConduitFloatingPlugin_cpcidiiiodpbjdkbhldlebfbnidpgaih"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

[LLUCIE]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucka at 2013-07-26 20:56:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1 GB (3%) free of 40 GB
Total RAM: 3033 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:56:30, on 26.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\AutoSweep.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files\trend micro\Lucka.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [SearchProtection] C:\ProgramData\Search Protection\_run.bat
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE /FU "C:\Windows\TEMP\E_S3A9.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series (kopie 1)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE /FU "C:\Windows\TEMP\E_SB607.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11685 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 3131728
\??\C:\Windows\system32\conhost.exe "-379482406-463305308-1761663468-6963501781811633373-953065520-2104566285-465774268
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
taskeng.exe {D3B4B766-B52E-4761-8638-774BA50D95C4}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
taskeng.exe {31CCC16D-7730-4306-B6BC-22E89AA04778}
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\AutoSweep.exe" /autorun
WLIDSvcM.exe 2432
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Lucka\Desktop\Nový textový dokument.txt
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
cmd /cpowercfg -changename 09cae270-974c-404c-a9d3-fe8255932291 "Optimalizováno pro značku Samsung" "Maximalizuje výkon u střídavého napájení a minimalizuje spotřebu energie při napájení z baterie."
"C:\Program Files\AVAST Software\Avast\setup\avast.setup" /downloadpkgs /noreboot /updatevps /verysilent /session "0" /limitcpu
"C:\Users\Lucka\Downloads\RSITx64 (1).exe"
\??\C:\Windows\system32\conhost.exe "819821099-204896924-54498656088358971148849578385173420528225346-1490095631
C:\Windows\System32\svchost.exe -k WerSvcGroup
powercfg -changename 09cae270-974c-404c-a9d3-fe8255932291 "Optimalizováno pro značku Samsung" "Maximalizuje výkon u střídavého napájení a minimalizuje spotřebu energie při napájení z baterie."
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-06-13 205472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-03-09 877760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA609D72-8482-4076-8991-8CDAE5B93BCB}]
W2PBrowser Class - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-08-23 1236992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2013-03-09 704704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2013-06-03 1725128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-11 11369576]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-08-05 2586504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Lucka\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]
"EPSON Stylus Photo R340 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE [2006-12-26 211456]
"EPSON Stylus Photo R340 Series (kopie 1)"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIAJA.EXE [2006-12-26 211456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2013-01-31 542632]
"SearchProtection"=C:\ProgramData\Search Protection\_run.bat []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-26 20:48:28 ----D---- C:\_OTM
2013-07-26 20:21:24 ----D---- C:\Users\Lucka\AppData\Roaming\MPMAN
2013-07-26 19:02:40 ----A---- C:\AdwCleaner[S1].txt
2013-07-26 18:19:53 ----A---- C:\AdwCleaner[R1].txt
2013-07-26 18:16:36 ----D---- C:\Program Files (x86)\Conduit
2013-07-26 16:16:24 ----D---- C:\Program Files\trend micro
2013-07-26 16:16:23 ----D---- C:\rsit
2013-07-22 12:44:36 ----ASH---- C:\pagefile.sys
2013-07-11 11:32:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-11 11:32:44 ----A---- C:\Windows\system32\ieui.dll
2013-07-11 11:32:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-11 11:32:41 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\iesetup.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\iernonce.dll
2013-07-11 11:32:41 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-11 11:32:40 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-11 11:32:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-11 11:32:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-11 11:32:40 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-11 11:32:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-11 11:32:39 ----A---- C:\Windows\system32\iertutil.dll
2013-07-11 11:32:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-11 11:32:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-11 11:32:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-11 11:32:35 ----A---- C:\Windows\system32\jscript.dll
2013-07-11 11:32:32 ----A---- C:\Windows\system32\jscript9.dll
2013-07-11 11:32:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-11 11:32:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-11 11:32:27 ----A---- C:\Windows\system32\urlmon.dll
2013-07-11 11:32:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-11 11:32:24 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-11 11:32:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-11 11:32:21 ----A---- C:\Windows\system32\wininet.dll
2013-07-11 11:32:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-11 11:32:13 ----A---- C:\Windows\system32\ieframe.dll
2013-07-11 11:32:11 ----A---- C:\Windows\system32\mshtml.dll
2013-07-11 11:32:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 11:28:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-10 10:23:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 10:23:26 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 10:23:25 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 10:23:24 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 10:23:23 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 10:22:52 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 10:22:52 ----A---- C:\Windows\system32\DWrite.dll

======List of files/folders modified in the last 1 month======

2013-07-26 20:56:07 ----D---- C:\Windows\Temp
2013-07-26 20:55:21 ----D---- C:\Windows\Prefetch
2013-07-26 20:54:51 ----D---- C:\Windows\system32\config
2013-07-26 20:48:30 ----D---- C:\Program Files (x86)
2013-07-26 20:48:29 ----D---- C:\Windows\Tasks
2013-07-26 20:40:00 ----SHD---- C:\System Volume Information
2013-07-26 20:27:24 ----D---- C:\Windows\System32
2013-07-26 20:27:24 ----D---- C:\Windows\inf
2013-07-26 20:27:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-26 20:23:11 ----SHD---- C:\Windows\Installer
2013-07-26 20:23:10 ----SHD---- C:\Config.Msi
2013-07-26 20:23:09 ----SD---- C:\Users\Lucka\AppData\Roaming\Microsoft
2013-07-26 19:18:25 ----D---- C:\Windows
2013-07-26 19:15:39 ----HD---- C:\ProgramData
2013-07-26 16:16:24 ----RD---- C:\Program Files
2013-07-26 15:31:38 ----D---- C:\Program Files (x86)\Opera
2013-07-26 15:29:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-26 15:16:04 ----D---- C:\Windows\debug
2013-07-26 11:28:08 ----D---- C:\Users\Lucka\AppData\Roaming\Winamp
2013-07-25 18:42:25 ----D---- C:\Program Files (x86)\The KMPlayer
2013-07-25 18:14:34 ----D---- C:\Windows\system32\drivers
2013-07-25 18:14:28 ----D---- C:\Windows\system32\pt-PT
2013-07-25 18:14:28 ----D---- C:\Windows\system32\pt-BR
2013-07-25 18:14:27 ----D---- C:\Windows\system32\nl-NL
2013-07-25 18:14:27 ----D---- C:\Windows\system32\it-IT
2013-07-25 18:14:27 ----D---- C:\Windows\system32\fr-FR
2013-07-25 18:14:27 ----D---- C:\Windows\system32\es-ES
2013-07-25 18:14:27 ----D---- C:\Windows\system32\en-US
2013-07-25 18:14:27 ----D---- C:\Windows\system32\drivers\UMDF
2013-07-25 18:14:27 ----D---- C:\Windows\system32\de-DE
2013-07-25 18:14:24 ----D---- C:\Windows\system32\catroot
2013-07-25 18:14:21 ----D---- C:\Windows\system32\DriverStore
2013-07-21 23:47:52 ----D---- C:\Users\Lucka\AppData\Roaming\Skype
2013-07-14 01:23:48 ----D---- C:\Windows\Microsoft.NET
2013-07-14 01:08:19 ----RSD---- C:\Windows\assembly
2013-07-12 23:03:18 ----D---- C:\Windows\winsxs
2013-07-12 23:02:05 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-12 23:02:04 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 23:00:54 ----D---- C:\Program Files\Windows Defender
2013-07-12 23:00:54 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 23:00:53 ----D---- C:\Windows\SysWOW64
2013-07-12 23:00:53 ----D---- C:\Program Files\Internet Explorer
2013-07-12 23:00:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-12 23:00:51 ----D---- C:\Program Files\Windows Journal
2013-07-11 16:07:04 ----D---- C:\ProgramData\Microsoft Help
2013-07-11 16:02:09 ----D---- C:\Users\Lucka\AppData\Roaming\Mozilla
2013-07-11 11:42:32 ----A---- C:\Windows\system32\MRT.exe
2013-07-11 11:33:16 ----D---- C:\Windows\system32\catroot2
2013-07-11 11:19:26 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 189936]
R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-05-04 14456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\Windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-08-10 111616]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-08-11 2454760]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-04-29 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-04-29 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-21 951584]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2006-12-15 126464]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-26 257416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-08-09 166704]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-23 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\Lucka.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Doporučil bych odinstalovat AdvancedSystemCare. Tento čínský šmejd dokáže v rukou laika poškodit systém. Další problém je přeplněný disk. Bude třeba buď přesunout některá data na jiné úložiště, nebo odinstalovat nepoužívané programy.

[LLUCIE]

Dobře. Děkuju.

[Rudy]

Jinak je vše v pořádku?

[LLUCIE]

Víceméně ano.

[Rudy]

OK a nemáte zač!