Mywebsearch

Zpráva

Petulka90 · #1 Příspěvek od **Petulka90** » 02 říj 2013 17:38

Ahoj, potřebovala bych pomoc s odstraněním vyhledávač mywebsearch, měla jsem trošku probém s iternetem ajak jsem se dočetla na netu může být mywebsearch spojen s napadením počítače, či tak něco.

Už dva dny se to snažím pomocí různých programu zrušit ale pořád to nejde...Tak prosím nějakou radu

#2 Příspěvek od **vyosek** » 02 říj 2013 18:05

Zdravim Petko, pekny vecer preji a vitam Vas u nas na foru

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Petulka90 · #3 Příspěvek od **Petulka90** » 02 říj 2013 18:16

Ok, super, děkuji, jdu na to a pak to sem všechno vložím.. koukala jsem na podobnou otázku, ale tam jste psali, aby se nic nemazalo dokud sem nepošle dotyčný ten log, tak jsem si říkala, radši sem napíšu... jdu teda na to:D

#4 Příspěvek od **vyosek** » 02 říj 2013 19:10

Ano, neni dobre aplikovat ruzne nastroje atd bez doporuceni, jednak nam tim mazete stopy a jednak to muze mit spatny vliv na celkovy chod systemu...

Pockam si tedy na logy a pak pujdeme dale...

Petulka90 · #5 Příspěvek od **Petulka90** » 02 říj 2013 19:32

tak tady je log z JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Petulka on st 02.10.2013 at 19:37:13,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetpacks communicator
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\yontoo desktop
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3207855735-3629935672-955468021-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{13119113-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{33119133-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{23119123-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{03119103-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3207855735-3629935672-955468021-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxssb.alxtbssb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\alxssb.alxtbssb.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\3192aa38321c641458dbdaf83979d193
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\funmoodslatest_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\funmoodslatest_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softwareupdater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\sweetim bundle by sweetpacks
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wsyscontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83aa2913-c123-4146-85bd-ad8f93971d39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{96e2e493-c484-43e3-9b95-d62ee7d40d3a}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a0c9df2b-89b5-4483-8983-18a68200f1b4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1750559
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3283142
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\The Hanging Gardens of Babylon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\The Hanging Gardens of Babylon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_terraria_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_terraria_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\The Hanging Gardens of Babylon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\The Hanging Gardens of Babylon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_terraria_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_terraria_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{284E2A30-E19F-C725-D18F-1F3BFDEEE525}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D2C50D8F-92B5-4760-BE51-F45AD5B0BB3E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F2B593D6-6CC0-46D9-A934-638C4F163633}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB5D199E-9659-47A2-930B-FC3B69061353}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68bd5917-377a-4c9d-b4d3-01dcbcb1e299}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{68bd5917-377a-4c9d-b4d3-01dcbcb1e299}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"

~~~ Files

Successfully deleted: [File] "C:\Users\Petulka\appdata\local\funmoods-speeddial.crx"
Successfully deleted: [File] "C:\Users\Petulka\appdata\local\funmoods.crx"
Successfully deleted: [File] "C:\end"
Successfully disinfected: [Shortcut] C:\Users\Petulka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\Petulka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Successfully disinfected: [Shortcut] C:\Users\Petulka\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer (64-bit).lnk
Successfully disinfected: [Shortcut] C:\Users\Petulka\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Petulka\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully disinfected: [Shortcut] C:\Users\Public\Desktop\Mozilla Firefox.lnk

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\Petulka\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Petulka\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Petulka\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Petulka\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Petulka\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Users\Petulka\appdata\local\conduit"
Failed to delete: [Folder] "C:\Users\Petulka\appdata\local\gamingwonderland"
Successfully deleted: [Folder] "C:\Users\Petulka\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\Petulka\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Petulka\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Petulka\appdata\locallow\gamingwonderland"
Successfully deleted: [Folder] "C:\Users\Petulka\appdata\locallow\ilividtoolbarguid"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\daemon tools toolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\gamingwonderland"
Successfully deleted: [Folder] "C:\Program Files (x86)\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files (x86)\search results toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetpacks bundle uninstaller"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Successfully deleted: [Folder] "C:\Windows\syswow64\jmdp"
Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt"
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{2C92E320-0613-4719-A675-B56C19442596}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{4992A55F-8AC9-432C-A99A-1EC21A264001}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{49A505D9-3E16-496F-AAC0-6A2CC55E2BED}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{6CB555B3-0066-42AA-AA29-19CD676A1D85}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{6E0D7AAB-4110-4A56-87CC-EA192A0C2DB1}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{71070BB0-D7C7-4B97-BB3C-C758740547D3}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{7E107EA3-CB39-4D20-AEB9-701BFD482BA8}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{854B18BE-BA03-4445-86B8-92E518F014BC}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{8FFC9F8C-D8A0-460F-BAFD-4C1B4F7A9990}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{9E300385-CDFD-4E08-82D7-A5B1DAB5DEB1}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{B8D80F6E-817E-411A-8392-5F665ADFF4D4}
Successfully deleted: [Empty Folder] C:\Users\Petulka\appdata\local\{FD50D1B8-C123-4CDB-B899-EFD8A2D6E006}
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Users\Petulka\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"

~~~ FireFox

Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\gtffxtbr@gamingwonderland.com
Successfully deleted the following from C:\Users\Petulka\AppData\Roaming\mozilla\firefox\profiles\nls2mixc.default-1380380764702\prefs.js

user_pref("browser.search.defaultenginename", "qvo6");
user_pref("browser.search.selectedEngine", "qvo6");
user_pref("browser.startup.homepage", "hxxp://www.qvo6.com/?utm_source=b&utm_medium=w ... 1102&ts=13
user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=CA1500CD-891A-4C76-B9D9-0E29204DF100&n=77fd5bd1&ind=201309281
user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
user_pref("extensions.toolbar.mindspark._gtMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=CA1500CD-891A-4C76-B9D9-0E29204DF100&n=77fd5bd1&p2=^Z7^xdm189^YY^cz
user_pref("extensions.toolbar.mindspark._gtMembers_.hp.enabled", false);
user_pref("extensions.toolbar.mindspark._gtMembers_.hp.user.defined", true);
user_pref("extensions.toolbar.mindspark._gtMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._gtMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._gtMembers_.installation.installDate", "2013092817");
user_pref("extensions.toolbar.mindspark._gtMembers_.installation.partnerId", "^Z7^xdm189^YY^cz");
user_pref("extensions.toolbar.mindspark._gtMembers_.installation.partnerSubId", "jenya2");
user_pref("extensions.toolbar.mindspark._gtMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._gtMembers_.installation.toolbarId", "CA1500CD-891A-4C76-B9D9-0E29204DF100");
user_pref("extensions.toolbar.mindspark._gtMembers_.lastActivePing", "1380727037632");
user_pref("extensions.toolbar.mindspark._gtMembers_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._gtMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._gtMembers_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._gtMembers_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._gtMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", false);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
user_pref("extensions.toolbar.mindspark.lastInstalled", "gamingwonderland@mindspark.com");
user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=CA1500CD-891A-4C76-B9D9-0E29204DF100&n=77fd5bd1&ind=2013092817&p2=^Z7^xdm189^YY^cz&
Emptied folder: C:\Users\Petulka\AppData\Roaming\mozilla\firefox\profiles\nls2mixc.default-1380380764702\minidumps [7 files]

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 02.10.2013 at 20:31:52,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Petulka90 · #6 Příspěvek od **Petulka90** » 02 říj 2013 19:39

a tady je log z adwcleaner

# AdwCleaner v3.006 - Report created 02/10/2013 at 20:34:22
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Petulka - PETULKA-PC
# Running from : C:\Users\Petulka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : GamingWonderlandService
[#] Service Deleted : WsysSvc
[#] Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Alawar
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\GamingWonderland
Folder Deleted : C:\Program Files (x86)\SoftwareUpdater
Folder Deleted : C:\Program Files (x86)\Alawar
Folder Deleted : C:\Program Files (x86)\BS_Player
Folder Deleted : C:\Program Files (x86)\BS_Player_B2
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Petulka\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Petulka\AppData\Local\GamingWonderland
Folder Deleted : C:\Users\Petulka\AppData\Local\PackageAware
Folder Deleted : C:\Users\Petulka\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\Petulka\AppData\Local\Temp\eIntaller
Folder Deleted : C:\Users\Petulka\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Petulka\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Petulka\AppData\LocalLow\BS_Player_B2
Folder Deleted : C:\Users\Petulka\AppData\Roaming\7go
Folder Deleted : C:\Users\Petulka\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Petulka\AppData\Roaming\SeeSimilar02
Folder Deleted : C:\Users\Petulka\AppData\Roaming\Alawar
Folder Deleted : C:\Users\Petulka\AppData\Roaming\Alawar Stargaze
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Petulka\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [GamingWonderland Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [GamingWonderland Browser Plugin Loader]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F952BC62-9D9C-4551-8AD9-3E4C072B748F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F952BC62-9D9C-4551-8AD9-3E4C072B748F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3232A9F8-A3CE-4F3A-A769-B9685B9039E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BE7BB97-630E-47B5-BB7C-5EDC08593619}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4C0A932-7898-4A9B-AB23-541CAB038AF6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A74F41B-1ECE-4A5D-B9FF-3BCAB1C9EFC8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A899079D-206F-43A6-BE6A-07E0FA648EA0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A899079D-206F-43A6-BE6A-07E0FA648EA0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\BS_Player_B2
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_B2
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SoftwareUpdater
Key Deleted : HKLM\Software\BS_Player
Key Deleted : HKLM\Software\BS_Player_B2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player_B2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\wnlt
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\nls2mixc.default-1380380764702\prefs.js ]

*************************

AdwCleaner[R0].txt - [13733 octets] - [02/10/2013 20:33:42]
AdwCleaner[S0].txt - [12985 octets] - [02/10/2013 20:34:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13046 octets] ##########

#7 Příspěvek od **vyosek** » 02 říj 2013 19:43

Poprosim o log z FRSTL http://forum.viry.cz/viewtopic.php?f=13&t=133100

Petulka90 · #8 Příspěvek od **Petulka90** » 02 říj 2013 20:27

taaaak frstl:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Petulka (administrator) on PETULKA-PC on 02-10-2013 21:18:37
Running from C:\Users\Petulka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
() c:\programdata\summersoft\ss u helper\ss u helper.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199128 2012-06-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - c:\program files (x86)\lenovo\energy management\energy management.exe [8079408 2012-06-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AthBtTray] - c:\program files (x86)\bluetooth suite\athbttray.exe [657568 2012-02-10] (Atheros Commnucations)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - c:\program files (x86)\lenovo\boot optimizer\popwnd.exe [206176 2012-06-14] (Lenovo)
HKLM\...\Run: [AtherosBtStack] - c:\program files (x86)\bluetooth suite\btvstack.exe [792224 2012-02-10] (Atheros Communications)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [EPSON SX420W Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\Windows\TEMP\E_S208A.tmp" /EF "HKCU"
HKCU\...\Run: [EPSON SX420W Series (kopie 1)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\Windows\TEMP\E_S8EE6.tmp" /EF "HKCU"
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
MountPoints2: {be1cc7c9-023a-11e2-a7d5-74e543339aff} - E:\Startme.exe
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-26] ( )
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YouCam Tray] - c:\program files (x86)\lenovo\youcam\youcam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [IObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1515328 2013-06-14] (IObit)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [156000 2012-05-16] (Lenovo)
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [156000 2012-05-16] (Lenovo)
HKU\TEMP\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [156000 2012-05-16] (Lenovo)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [260928 2012-02-23] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [215360 2012-02-23] (NVIDIA Corporation)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

URLSearchHook: (No Name) - {a8625cb7-85fe-4936-92a4-b2a7c925209e} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.funmoods.com/results.php?f ... r=49311142
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search
SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Toolbar BHO - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\PROGRA~2\GAMING~2\bar\1.bin\gtbar.dll No File
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Petulka\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\nls2mixc.default-1380380764702
FF NewTab: hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId= ... 0&tsp=5023
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2321560 2012-12-05] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-10] (Atheros)
S2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [48992 2011-05-23] (AVG Technologies CZ, s.r.o.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-01] (AVG Technologies)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-11] (Lenovo)
S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34336 2013-03-26] (IObit.com)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34336 2013-03-26] (IObit.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-08] (Duplex Secure Ltd.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-03-26] (IObit.com)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-03-26] (IObit.com)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
U3 AppMgmt;
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
S3 cpuz134; No ImagePath
U2 CscService;
U2 DriverService;
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 Oasis2Service;
U2 PCCarerService;
U3 PeerDistSvc;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-02 21:18 - 2013-10-02 21:18 - 00000000 ____D C:\FRST
2013-10-02 21:16 - 2013-10-02 21:17 - 00000000 _____ C:\Users\Petulka\Desktop\FRSTLauncher.exe
2013-10-02 21:13 - 2013-10-02 21:16 - 01954124 _____ (Farbar) C:\Users\Petulka\Desktop\FRST64.exe
2013-10-02 20:33 - 2013-10-02 20:34 - 00000000 ____D C:\AdwCleaner
2013-10-02 20:31 - 2013-10-02 20:31 - 00031917 _____ C:\Users\Petulka\Desktop\JRT.txt
2013-10-02 19:37 - 2013-10-02 19:37 - 00000000 ____D C:\Windows\ERUNT
2013-10-02 19:36 - 2013-10-02 19:36 - 01045226 _____ C:\Users\Petulka\Desktop\adwcleaner.exe
2013-10-02 19:32 - 2013-10-02 19:36 - 01030305 _____ (Thisisu) C:\Users\Petulka\Desktop\JRT.exe
2013-10-02 12:27 - 2013-10-02 19:19 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-10-02 12:27 - 2013-10-02 12:27 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-10-02 12:27 - 2013-10-02 12:27 - 00000085 _____ C:\Windows\wininit.ini
2013-10-02 12:14 - 2013-10-02 12:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-02 12:14 - 2013-10-02 12:14 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-02 11:09 - 2013-10-02 20:36 - 00000464 ____H C:\Windows\Tasks\ss u helper-S-5429646244.job
2013-10-02 11:09 - 2013-10-02 11:15 - 00002710 _____ C:\Windows\System32\Tasks\ss u helper-S-5429646244
2013-10-02 10:57 - 2013-10-02 10:58 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2013-10-02 10:45 - 2013-10-02 10:46 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\SimpleFiles
2013-10-02 09:33 - 2013-10-02 09:33 - 00000000 _____ C:\autoexec.bat
2013-10-02 09:32 - 2013-10-02 09:32 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-02 09:31 - 2013-10-02 11:17 - 00000000 ____D C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-01 14:32 - 2013-10-01 14:32 - 00003154 _____ C:\Windows\System32\Tasks\{7F42DFDD-3BE3-496D-BB0C-69EC2817B960}
2013-10-01 13:56 - 2013-10-02 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-30 19:31 - 2013-09-30 19:34 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\IrfanView
2013-09-30 15:15 - 2013-09-30 15:15 - 01855072 _____ (Irfan Skiljan) C:\Users\Petulka\Desktop\iview436_setup.exe
2013-09-30 11:48 - 2013-09-30 11:49 - 00287984 _____ C:\Windows\Minidump\093013-21013-01.dmp
2013-09-30 11:48 - 2013-09-30 11:48 - 455655883 _____ C:\Windows\MEMORY.DMP
2013-09-29 08:41 - 2013-10-02 20:36 - 00002472 _____ C:\Windows\setupact.log
2013-09-29 08:41 - 2013-10-02 12:30 - 00008308 _____ C:\Windows\PFRO.log
2013-09-29 08:41 - 2013-09-29 08:41 - 00000000 _____ C:\Windows\setuperr.log
2013-09-28 23:02 - 2013-09-28 23:02 - 00000000 ____D C:\Users\Petulka\Downloads\Rich Media Downloader
2013-09-28 18:52 - 2013-10-01 23:56 - 00003700 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-09-28 18:20 - 2013-09-28 23:03 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Radiocom
2013-09-28 18:20 - 2013-09-28 18:20 - 00000000 ____D C:\Users\Petulka\RichMedia
2013-09-28 18:19 - 2013-09-28 23:03 - 00000000 ____D C:\Users\Petulka\Radiocom
2013-09-28 18:19 - 2013-09-28 18:19 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 18:19 - 2013-09-28 18:19 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 18:19 - 2013-09-28 18:19 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 18:02 - 2013-10-02 20:42 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-28 18:02 - 2013-09-28 18:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-28 18:02 - 2013-09-28 18:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-28 18:02 - 2013-09-28 18:02 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-28 17:49 - 2013-09-28 17:49 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\TuneUp Software
2013-09-27 21:05 - 2013-09-28 14:53 - 00006930 _____ C:\Users\Petulka\Documents\dětský pokoj.rap
2013-09-27 13:29 - 2013-09-27 13:29 - 00000000 __SHD C:\found.001
2013-09-27 13:18 - 2013-09-28 03:47 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-27 13:18 - 2013-09-28 03:47 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-27 13:18 - 2013-03-13 23:01 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\IObit
2013-09-27 13:18 - 2013-01-31 13:55 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\TuneUp Software
2013-09-27 13:18 - 2012-10-09 19:09 - 00000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Help
2013-09-27 13:18 - 2012-06-14 23:25 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2013-09-27 13:18 - 2010-12-19 07:31 - 00000189 _____ C:\Users\TEMP\Desktop\Lenovo Telephony Start Now.url
2013-09-26 23:30 - 2013-09-30 15:04 - 00000000 ____D C:\Users\Petulka\Desktop\co vyrobí
2013-09-23 23:18 - 2013-09-29 18:33 - 00000000 ____D C:\Users\Petulka\AppData\Local\Room Arranger
2013-09-23 19:14 - 2013-09-23 23:18 - 00000000 ____D C:\Users\Petulka\Documents\Room Arranger
2013-09-23 19:14 - 2013-09-23 19:14 - 00001041 _____ C:\Users\Public\Desktop\Room Arranger.lnk
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\ProgramData\Room Arranger
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Program Files (x86)\Room Arranger
2013-09-21 15:59 - 2013-09-21 16:00 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\northern_tale_2
2013-09-21 15:59 - 2013-09-21 15:59 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Northern Tale 2
2013-09-21 15:15 - 2013-09-21 15:15 - 00003230 _____ C:\Windows\System32\Tasks\{241886BE-D3E7-40F2-95D3-97D7DB8DDD1B}
2013-09-21 14:58 - 2013-09-21 14:58 - 00003208 _____ C:\Windows\System32\Tasks\{7D923AF7-B176-4E1C-9C94-DB88DF87357F}
2013-09-21 14:55 - 2013-09-21 14:55 - 00000000 ____D C:\Windows\Ubisoft
2013-09-20 21:28 - 2013-09-20 21:28 - 00000000 ____D C:\Program Files (x86)\directx
2013-09-20 20:12 - 2013-09-21 15:30 - 00000000 ____D C:\Program Files (x86)\Ubi Soft
2013-09-20 14:29 - 2013-09-20 14:29 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Playrix Entertainment
2013-09-19 21:18 - 2013-09-19 21:18 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-19 14:40 - 2013-10-02 11:10 - 00000000 ____D C:\ProgramData\SummerSoft
2013-09-18 21:02 - 2013-09-18 21:02 - 00000000 ____D C:\Users\Public\Documents\Seppia
2013-09-18 20:59 - 2013-10-02 11:15 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-18 00:30 - 2013-09-18 00:30 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Artifex Mundi
2013-09-16 17:39 - 2013-09-16 17:39 - 82292736 _____ C:\Windows\system32\config\software.iobit
2013-09-16 17:39 - 2013-09-16 17:39 - 19857408 _____ C:\Windows\system32\config\system.iobit
2013-09-16 17:39 - 2013-09-16 17:39 - 00311296 _____ C:\Windows\system32\config\default.iobit
2013-09-16 17:39 - 2013-09-16 17:39 - 00061440 _____ C:\Windows\system32\config\sam.iobit
2013-09-16 17:39 - 2013-09-16 17:39 - 00032768 _____ C:\Windows\system32\config\security.iobit
2013-09-12 19:46 - 2013-09-22 23:02 - 00011656 _____ C:\Users\Petulka\Desktop\rozvhr.xlsx
2013-09-11 23:08 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 23:08 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 23:08 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 23:08 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 23:08 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 23:08 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-11 23:08 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-11 23:08 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 23:08 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-11 23:08 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 23:08 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-11 23:08 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 23:08 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 23:08 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-11 23:08 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 23:08 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 23:08 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 23:08 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 23:08 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 23:08 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 23:08 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-11 23:08 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 23:08 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-11 23:08 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 23:08 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 23:08 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-11 23:08 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-11 23:08 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 23:08 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 23:08 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 23:08 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-11 23:08 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 21:57 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 21:57 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 21:57 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 21:57 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-11 21:43 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 21:39 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 21:39 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 21:39 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 21:39 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 21:39 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 21:39 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 21:39 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 21:39 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 21:39 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 21:39 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 21:39 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 21:39 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 21:39 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 21:39 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 21:39 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 21:39 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 21:39 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 21:39 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 21:39 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 21:39 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 21:39 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:39 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-09 16:50 - 2013-09-12 15:37 - 00000000 ____D C:\Users\Petulka\Documents\my farm life 2
2013-09-09 13:36 - 2013-09-09 13:39 - 00000000 ____D C:\ProgramData\OrganicCoffee
2013-09-09 11:54 - 2013-09-12 20:17 - 00003072 _____ C:\Users\Petulka\AppData\Local\file__0.localstorage
2013-09-09 11:54 - 2013-09-09 13:00 - 00003072 _____ C:\Users\Petulka\AppData\Local\https_drm.youdagames.com_0.localstorage
2013-09-09 11:54 - 2013-09-09 12:14 - 00000000 ____D C:\Program Files (x86)\Youdagames
2013-09-09 11:54 - 2013-09-09 11:54 - 00000000 ____D C:\ProgramData\Youdagames
2013-09-08 23:42 - 2013-09-21 16:17 - 00000000 ____D C:\Users\Petulka\Desktop\youda games
2013-09-06 22:59 - 2013-09-06 23:15 - 70565864 _____ C:\Users\Petulka\Downloads\Asijina-volba---serial-Turecko-2012---diel-01.avi
2013-09-04 02:20 - 2013-09-04 02:21 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\SpeedAnalysis3

==================== One Month Modified Files and Folders =======

2013-10-02 21:18 - 2013-10-02 21:18 - 00000000 ____D C:\FRST
2013-10-02 21:18 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-02 21:18 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-02 21:17 - 2013-10-02 21:16 - 00000000 _____ C:\Users\Petulka\Desktop\FRSTLauncher.exe
2013-10-02 21:17 - 2012-06-14 22:35 - 01489079 _____ C:\Windows\WindowsUpdate.log
2013-10-02 21:16 - 2013-10-02 21:13 - 01954124 _____ (Farbar) C:\Users\Petulka\Desktop\FRST64.exe
2013-10-02 21:14 - 2013-01-12 14:28 - 00000000 ___RD C:\Users\Petulka\Desktop\systém
2013-10-02 20:55 - 2012-10-08 20:55 - 00000268 _____ C:\Windows\Tasks\AutoKMS.job
2013-10-02 20:42 - 2013-09-28 18:02 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-02 20:37 - 2013-01-13 14:35 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-10-02 20:37 - 2012-06-14 23:26 - 00329514 _____ C:\Windows\system32\fastboot.set
2013-10-02 20:36 - 2013-10-02 11:09 - 00000464 ____H C:\Windows\Tasks\ss u helper-S-5429646244.job
2013-10-02 20:36 - 2013-09-29 08:41 - 00002472 _____ C:\Windows\setupact.log
2013-10-02 20:36 - 2013-06-07 19:55 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2013-10-02 20:36 - 2013-06-05 01:25 - 00248826 _____ C:\FaceProv.log
2013-10-02 20:36 - 2013-06-02 23:10 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-10-02 20:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-02 20:34 - 2013-10-02 20:33 - 00000000 ____D C:\AdwCleaner
2013-10-02 20:34 - 2013-10-01 13:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-02 20:31 - 2013-10-02 20:31 - 00031917 _____ C:\Users\Petulka\Desktop\JRT.txt
2013-10-02 20:31 - 2013-05-08 09:24 - 00001158 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-02 20:31 - 2012-08-27 17:31 - 00001400 _____ C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-02 20:31 - 2012-08-27 17:31 - 00001251 _____ C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-02 19:57 - 2012-11-06 09:23 - 00000000 ____D C:\Windows\system32\Drivers\AVG
2013-10-02 19:37 - 2013-10-02 19:37 - 00000000 ____D C:\Windows\ERUNT
2013-10-02 19:36 - 2013-10-02 19:36 - 01045226 _____ C:\Users\Petulka\Desktop\adwcleaner.exe
2013-10-02 19:36 - 2013-10-02 19:32 - 01030305 _____ (Thisisu) C:\Users\Petulka\Desktop\JRT.exe
2013-10-02 19:19 - 2013-10-02 12:27 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-10-02 17:17 - 2012-06-14 22:20 - 00666672 _____ C:\Windows\system32\perfh005.dat
2013-10-02 17:17 - 2012-06-14 22:20 - 00140336 _____ C:\Windows\system32\perfc005.dat
2013-10-02 17:17 - 2009-07-14 07:13 - 01577482 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-02 12:30 - 2013-09-29 08:41 - 00008308 _____ C:\Windows\PFRO.log
2013-10-02 12:27 - 2013-10-02 12:27 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-10-02 12:27 - 2013-10-02 12:27 - 00000085 _____ C:\Windows\wininit.ini
2013-10-02 12:19 - 2013-10-02 12:14 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-02 12:14 - 2013-10-02 12:14 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-10-02 11:17 - 2013-10-02 09:31 - 00000000 ____D C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-02 11:15 - 2013-10-02 11:09 - 00002710 _____ C:\Windows\System32\Tasks\ss u helper-S-5429646244
2013-10-02 11:15 - 2013-09-18 20:59 - 00000000 ____D C:\ProgramData\InstallMate
2013-10-02 11:15 - 2012-08-27 21:47 - 00000000 ____D C:\Users\Petulka\AppData\Local\CrashDumps
2013-10-02 11:10 - 2013-09-19 14:40 - 00000000 ____D C:\ProgramData\SummerSoft
2013-10-02 10:58 - 2013-10-02 10:57 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2013-10-02 10:46 - 2013-10-02 10:45 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\SimpleFiles
2013-10-02 09:33 - 2013-10-02 09:33 - 00000000 _____ C:\autoexec.bat
2013-10-02 09:32 - 2013-10-02 09:32 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-02 09:24 - 2013-05-08 09:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-01 23:56 - 2013-09-28 18:52 - 00003700 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-10-01 23:56 - 2012-11-06 09:25 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-10-01 14:32 - 2013-10-01 14:32 - 00003154 _____ C:\Windows\System32\Tasks\{7F42DFDD-3BE3-496D-BB0C-69EC2817B960}
2013-10-01 13:58 - 2012-11-06 22:02 - 00000000 ____D C:\Users\Petulka\AppData\Local\Mozilla
2013-10-01 09:30 - 2013-01-14 18:08 - 00000000 ____D C:\Users\Petulka\Desktop\zoo
2013-09-30 19:34 - 2013-09-30 19:31 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\IrfanView
2013-09-30 19:07 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-30 15:24 - 2012-09-17 09:50 - 00000000 ____D C:\Users\Petulka\Desktop\škola
2013-09-30 15:15 - 2013-09-30 15:15 - 01855072 _____ (Irfan Skiljan) C:\Users\Petulka\Desktop\iview436_setup.exe
2013-09-30 15:04 - 2013-09-26 23:30 - 00000000 ____D C:\Users\Petulka\Desktop\co vyrobí
2013-09-30 11:49 - 2013-09-30 11:48 - 00287984 _____ C:\Windows\Minidump\093013-21013-01.dmp
2013-09-30 11:48 - 2013-09-30 11:48 - 455655883 _____ C:\Windows\MEMORY.DMP
2013-09-30 11:48 - 2012-11-12 15:08 - 00000000 ____D C:\Windows\Minidump
2013-09-29 21:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-29 18:33 - 2013-09-23 23:18 - 00000000 ____D C:\Users\Petulka\AppData\Local\Room Arranger
2013-09-29 08:41 - 2013-09-29 08:41 - 00000000 _____ C:\Windows\setuperr.log
2013-09-28 23:03 - 2013-09-28 18:20 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Radiocom
2013-09-28 23:03 - 2013-09-28 18:19 - 00000000 ____D C:\Users\Petulka\Radiocom
2013-09-28 23:02 - 2013-09-28 23:02 - 00000000 ____D C:\Users\Petulka\Downloads\Rich Media Downloader
2013-09-28 18:20 - 2013-09-28 18:20 - 00000000 ____D C:\Users\Petulka\RichMedia
2013-09-28 18:20 - 2012-08-27 17:25 - 00000000 ____D C:\Users\Petulka
2013-09-28 18:19 - 2013-09-28 18:19 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 18:19 - 2013-09-28 18:19 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 18:19 - 2013-09-28 18:19 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 18:11 - 2012-08-27 17:35 - 00000000 ____D C:\Users\Petulka\AppData\Local\Adobe
2013-09-28 18:02 - 2013-09-28 18:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-28 18:02 - 2013-09-28 18:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-28 18:02 - 2013-09-28 18:02 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-28 17:49 - 2013-09-28 17:49 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\TuneUp Software
2013-09-28 14:53 - 2013-09-27 21:05 - 00006930 _____ C:\Users\Petulka\Documents\dětský pokoj.rap
2013-09-28 12:13 - 2012-06-14 23:23 - 00000000 ____D C:\ProgramData\VeriFace
2013-09-28 03:47 - 2013-09-27 13:18 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-28 03:47 - 2013-09-27 13:18 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-28 03:47 - 2012-08-27 17:25 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-09-28 03:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-27 13:29 - 2013-09-27 13:29 - 00000000 __SHD C:\found.001
2013-09-24 09:09 - 2012-08-27 19:58 - 00000000 ____D C:\Users\Petulka\Desktop\filmečky
2013-09-23 23:18 - 2013-09-23 19:14 - 00000000 ____D C:\Users\Petulka\Documents\Room Arranger
2013-09-23 19:14 - 2013-09-23 19:14 - 00001041 _____ C:\Users\Public\Desktop\Room Arranger.lnk
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\ProgramData\Room Arranger
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Program Files (x86)\Room Arranger
2013-09-22 23:02 - 2013-09-12 19:46 - 00011656 _____ C:\Users\Petulka\Desktop\rozvhr.xlsx
2013-09-22 10:37 - 2012-08-27 18:08 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-09-21 16:17 - 2013-09-08 23:42 - 00000000 ____D C:\Users\Petulka\Desktop\youda games
2013-09-21 16:00 - 2013-09-21 15:59 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\northern_tale_2
2013-09-21 15:59 - 2013-09-21 15:59 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Northern Tale 2
2013-09-21 15:55 - 2012-12-25 17:06 - 00000000 ____D C:\Program Files (x86)\LeeGT-Games
2013-09-21 15:30 - 2013-09-20 20:12 - 00000000 ____D C:\Program Files (x86)\Ubi Soft
2013-09-21 15:15 - 2013-09-21 15:15 - 00003230 _____ C:\Windows\System32\Tasks\{241886BE-D3E7-40F2-95D3-97D7DB8DDD1B}
2013-09-21 14:58 - 2013-09-21 14:58 - 00003208 _____ C:\Windows\System32\Tasks\{7D923AF7-B176-4E1C-9C94-DB88DF87357F}
2013-09-21 14:55 - 2013-09-21 14:55 - 00000000 ____D C:\Windows\Ubisoft
2013-09-21 14:51 - 2012-10-24 23:40 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-20 21:28 - 2013-09-20 21:28 - 00000000 ____D C:\Program Files (x86)\directx
2013-09-20 14:29 - 2013-09-20 14:29 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Playrix Entertainment
2013-09-20 10:09 - 2013-06-11 19:06 - 00000000 ____D C:\Users\Petulka\Desktop\Financování-podniku---cvičení
2013-09-20 10:09 - 2013-01-12 14:30 - 00000000 ____D C:\Users\Petulka\Desktop\fotky, obrázky
2013-09-19 21:18 - 2013-09-19 21:18 - 03723656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-19 09:38 - 2012-06-14 22:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-18 21:02 - 2013-09-18 21:02 - 00000000 ____D C:\Users\Public\Documents\Seppia
2013-09-18 21:02 - 2012-09-13 13:06 - 00000000 ____D C:\games
2013-09-18 00:30 - 2013-09-18 00:30 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Artifex Mundi
2013-09-17 19:59 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-17 10:58 - 2012-08-29 21:26 - 00000000 ____D C:\Users\Petulka\Desktop\hudba
2013-09-16 17:39 - 2013-09-16 17:39 - 82292736 _____ C:\Windows\system32\config\software.iobit
2013-09-16 17:39 - 2013-09-16 17:39 - 19857408 _____ C:\Windows\system32\config\system.iobit
2013-09-16 17:39 - 2013-09-16 17:39 - 00311296 _____ C:\Windows\system32\config\default.iobit
2013-09-16 17:39 - 2013-09-16 17:39 - 00061440 _____ C:\Windows\system32\config\sam.iobit
2013-09-16 17:39 - 2013-09-16 17:39 - 00032768 _____ C:\Windows\system32\config\security.iobit
2013-09-13 12:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 20:17 - 2013-09-09 11:54 - 00003072 _____ C:\Users\Petulka\AppData\Local\file__0.localstorage
2013-09-12 20:17 - 2013-04-20 20:27 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\AlawarEntertainment
2013-09-12 15:37 - 2013-09-09 16:50 - 00000000 ____D C:\Users\Petulka\Documents\my farm life 2
2013-09-12 08:11 - 2012-08-27 17:31 - 00000000 ___RD C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 08:11 - 2012-08-27 17:31 - 00000000 ___RD C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 08:09 - 2009-07-14 06:45 - 00429152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 23:13 - 2013-07-31 00:05 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 23:13 - 2012-09-19 14:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 23:10 - 2012-08-28 17:43 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 16:48 - 2012-11-28 20:21 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\aliasworlds
2013-09-09 13:39 - 2013-09-09 13:36 - 00000000 ____D C:\ProgramData\OrganicCoffee
2013-09-09 13:00 - 2013-09-09 11:54 - 00003072 _____ C:\Users\Petulka\AppData\Local\https_drm.youdagames.com_0.localstorage
2013-09-09 12:14 - 2013-09-09 11:54 - 00000000 ____D C:\Program Files (x86)\Youdagames
2013-09-09 12:14 - 2012-09-13 13:40 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\YoudaGames
2013-09-09 11:54 - 2013-09-09 11:54 - 00000000 ____D C:\ProgramData\Youdagames
2013-09-06 23:15 - 2013-09-06 22:59 - 70565864 _____ C:\Users\Petulka\Downloads\Asijina-volba---serial-Turecko-2012---diel-01.avi
2013-09-04 02:21 - 2013-09-04 02:20 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\SpeedAnalysis3
2013-09-03 13:28 - 2012-08-27 17:31 - 00000000 ____D C:\Users\Petulka\AppData\Roaming\Atheros
2013-09-02 21:11 - 2012-08-27 17:32 - 00000000 ____D C:\Users\Petulka\Documents\Bluetooth Folder

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3464.dll

Some content of TEMP:
====================
C:\Users\Petulka\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\Petulka\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-01 14:50

==================== End Of Log ============================

#9 Příspěvek od **vyosek** » 02 říj 2013 20:57

Nejak se nam neprovedly funkce modifikacniho skriptu pres FRSTL ale nevadi, poprosim jeste tedy o RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784

Petulka90 · #10 Příspěvek od **Petulka90** » 02 říj 2013 21:54

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petulka at 2013-10-02 22:52:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 291 GB (43%) free of 669 GB
Total RAM: 3996 MB (24% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
taskeng.exe {06375660-CFC1-4CCD-9B30-34F1129DD7ED}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgemca.exe"
taskeng.exe {3B02CD77-CB04-4933-A6A7-30376F356F52}
"c:\programdata\summersoft\ss u helper\ss u helper.exe" /schedule /profile "c:\programdata\summersoft\ss u helper\5429646244.ini"
"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=5d5b532a-bc02-4908-9d98-d709c2a12069 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG2012\temp\2b6adc13-54b7-4b16-8453-c6136dcc7537-bc0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
taskeng.exe {754190A9-F9AA-4B0D-A535-9698BA760612}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=e8474e57-d96a-4e3d-ad0e-ca42e2ce962a /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\8ac88570-4660-4179-9a3e-b55f136b3143-a88-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\LockKey\LockKey.exe"
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 6732
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1056.152fca00.1708198625 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1056 "\\.\pipe\gecko-crash-server-pipe.1056" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe" --proxy-stub-channel=Flash6024.6D2EF308.16043 --host-broker-channel=Flash6024.6D2EF308.8170 --host-pid=6024 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe" --channel=6524.003FF2B0.1193305027 --proxy-stub-channel=Flash6024.6D2EF308.16043 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\calc.exe"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Petulka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\rundll32.exe" "C:\Windows\syswow64\WININET.dll",DispatchAPICall 1

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\ss u helper-S-5429646244.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\nls2mixc.default-1380380764702

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@GamingWonderland.com/Plugin]
"Description"=GamingWonderland Plugin
"Path"=C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppluginrichmediaplayer.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll [2012-10-15 1393272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}]
Toolbar BHO - C:\PROGRA~2\GAMING~2\bar\1.bin\gtbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-10 64672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Petulka\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-03-02 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-03-02 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-03-02 440600]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2011-12-15 564352]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-01-16 2809856]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-06-14 6199128]
"Energy Management"=c:\program files (x86)\lenovo\energy management\energy management.exe [2012-06-14 8079408]
"AthBtTray"=c:\program files (x86)\bluetooth suite\athbttray.exe [2012-02-10 657568]
"Lenovo EE Boot Optimizer"=c:\program files (x86)\lenovo\boot optimizer\popwnd.exe [2012-06-14 206176]
"AtherosBtStack"=c:\program files (x86)\bluetooth suite\btvstack.exe [2012-02-10 792224]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"EPSON SX420W Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [2009-09-14 224768]
"EPSON SX420W Series (kopie 1)"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [2009-09-14 224768]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-05-29 449248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtherosBtStack]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2]
c:\program files (x86)\dolby advanced audio v2\pcee4.exe [2011-12-21 507744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe [2011-11-30 284440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo EE Boot Optimizer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SugarSync]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
c:\program files (x86)\lenovo\veriface\pmanage.exe [2012-06-14 329056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
c:\program files (x86)\avg secure search\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]
"LockKey"=C:\Program Files (x86)\LockKey\LockKey.exe [2011-08-26 337776]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2011-11-24 548864]
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2012-01-26 4351712]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-27 222504]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"YouCam Tray"=c:\program files (x86)\lenovo\youcam\youcam.exe [2011-01-29 228448]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2013-06-14 1515328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-17 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-02 22:52:36 ----D---- C:\rsit
2013-10-02 22:52:36 ----D---- C:\Program Files\trend micro
2013-10-02 21:18:21 ----D---- C:\FRST
2013-10-02 20:33:27 ----D---- C:\AdwCleaner
2013-10-02 19:37:10 ----D---- C:\Windows\ERUNT
2013-10-02 12:27:22 ----A---- C:\Windows\wininit.ini
2013-10-02 12:27:11 ----A---- C:\Windows\system32\drivers\stflt.sys
2013-10-02 12:27:03 ----D---- C:\Program Files (x86)\Spyware Terminator
2013-10-02 12:14:36 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-10-02 10:57:03 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2013-10-02 10:45:37 ----D---- C:\Users\Petulka\AppData\Roaming\SimpleFiles
2013-10-02 09:33:52 ----A---- C:\autoexec.bat
2013-10-02 09:32:59 ----D---- C:\Program Files\Enigma Software Group
2013-10-02 09:31:08 ----D---- C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-01 13:56:34 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-09-30 19:31:53 ----D---- C:\Users\Petulka\AppData\Roaming\IrfanView
2013-09-28 18:20:15 ----D---- C:\Users\Petulka\AppData\Roaming\Radiocom
2013-09-28 18:19:32 ----D---- C:\Program Files\CCleaner
2013-09-28 18:02:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-28 17:49:49 ----D---- C:\Users\Petulka\AppData\Roaming\TuneUp Software
2013-09-27 13:29:14 ----SHD---- C:\found.001
2013-09-23 19:14:41 ----D---- C:\ProgramData\Room Arranger
2013-09-23 19:14:38 ----D---- C:\Program Files (x86)\Room Arranger
2013-09-21 15:59:21 ----D---- C:\Users\Petulka\AppData\Roaming\northern_tale_2
2013-09-21 14:55:40 ----D---- C:\Windows\Ubisoft
2013-09-20 21:28:21 ----D---- C:\Program Files (x86)\directx
2013-09-20 20:12:07 ----D---- C:\Program Files (x86)\Ubi Soft
2013-09-20 14:29:10 ----D---- C:\Users\Petulka\AppData\Roaming\Playrix Entertainment
2013-09-19 21:18:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-09-19 14:40:09 ----D---- C:\ProgramData\SummerSoft
2013-09-18 20:59:24 ----D---- C:\ProgramData\InstallMate
2013-09-18 00:30:33 ----D---- C:\Users\Petulka\AppData\Roaming\Artifex Mundi
2013-09-11 23:08:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-09-11 23:08:47 ----A---- C:\Windows\system32\mshtmled.dll
2013-09-11 23:08:45 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-09-11 23:08:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-11 23:08:44 ----A---- C:\Windows\system32\ieui.dll
2013-09-11 23:08:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-11 23:08:43 ----A---- C:\Windows\SYSWOW64\url.dll
2013-09-11 23:08:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-09-11 23:08:43 ----A---- C:\Windows\system32\wininet.dll
2013-09-11 23:08:43 ----A---- C:\Windows\system32\url.dll
2013-09-11 23:08:43 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-11 23:08:43 ----A---- C:\Windows\system32\ieUnatt.exe
2013-09-11 23:08:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-11 23:08:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-11 23:08:42 ----A---- C:\Windows\system32\urlmon.dll
2013-09-11 23:08:42 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-11 23:08:41 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-11 23:08:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-11 23:08:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-11 23:08:41 ----A---- C:\Windows\system32\jscript9.dll
2013-09-11 23:08:41 ----A---- C:\Windows\system32\iertutil.dll
2013-09-11 23:08:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-11 23:08:40 ----A---- C:\Windows\system32\vbscript.dll
2013-09-11 23:08:40 ----A---- C:\Windows\system32\jscript.dll
2013-09-11 23:08:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-11 23:08:36 ----A---- C:\Windows\system32\mshtml.dll
2013-09-11 23:08:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-11 23:08:35 ----A---- C:\Windows\system32\ieframe.dll
2013-09-11 21:57:16 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-11 21:57:16 ----A---- C:\Windows\system32\shell32.dll
2013-09-11 21:57:15 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-11 21:57:15 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-11 21:43:16 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-11 21:39:44 ----A---- C:\Windows\system32\win32k.sys
2013-09-11 21:39:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-11 21:39:14 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-11 21:39:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-11 21:39:14 ----A---- C:\Windows\system32\ntdll.dll
2013-09-11 21:39:13 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-11 21:39:13 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-11 21:39:13 ----A---- C:\Windows\system32\wow64.dll
2013-09-11 21:39:13 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-11 21:39:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:39:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:39:12 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:39:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:39:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:39:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-11 21:39:12 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-11 21:39:12 ----A---- C:\Windows\system32\wow64win.dll
2013-09-11 21:39:12 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-11 21:39:12 ----A---- C:\Windows\system32\winsrv.dll
2013-09-11 21:39:12 ----A---- C:\Windows\system32\smss.exe
2013-09-11 21:39:12 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-11 21:39:12 ----A---- C:\Windows\system32\kernel32.dll
2013-09-11 21:39:12 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-11 21:39:12 ----A---- C:\Windows\system32\conhost.exe
2013-09-11 21:39:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:39:11 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:39:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:39:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:39:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:39:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:39:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:39:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:39:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:39:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:39:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:39:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-11 21:39:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-11 21:39:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-11 21:39:09 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-11 21:39:08 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-09 13:36:31 ----D---- C:\ProgramData\OrganicCoffee
2013-09-09 11:54:22 ----D---- C:\Program Files (x86)\Youdagames
2013-09-09 11:54:21 ----D---- C:\ProgramData\Youdagames
2013-09-04 02:20:31 ----D---- C:\Users\Petulka\AppData\Roaming\SpeedAnalysis3

======List of files/folders modified in the last 1 month======

2013-10-02 22:52:50 ----D---- C:\Windows\Temp
2013-10-02 22:52:36 ----RD---- C:\Program Files
2013-10-02 22:08:49 ----D---- C:\Windows\Prefetch
2013-10-02 21:20:16 ----AD---- C:\Windows
2013-10-02 20:47:32 ----D---- C:\Windows\system32\config
2013-10-02 20:39:49 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-02 20:35:17 ----AHD---- C:\ProgramData
2013-10-02 20:34:39 ----D---- C:\Windows\system32\Tasks
2013-10-02 20:34:39 ----AD---- C:\Windows\System32
2013-10-02 20:34:33 ----D---- C:\Program Files (x86)\Common Files
2013-10-02 20:34:30 ----RD---- C:\Program Files (x86)
2013-10-02 20:18:52 ----SHD---- C:\Windows\Installer
2013-10-02 19:57:27 ----D---- C:\Windows\system32\drivers\AVG
2013-10-02 19:41:09 ----D---- C:\Windows\SysWOW64
2013-10-02 17:17:31 ----D---- C:\Windows\inf
2013-10-02 17:17:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-02 12:27:29 ----SD---- C:\ProgramData\Microsoft
2013-10-02 12:27:18 ----D---- C:\Windows\system32\drivers
2013-10-02 11:18:17 ----SD---- C:\Users\Petulka\AppData\Roaming\Microsoft
2013-10-02 11:18:13 ----SHD---- C:\Config.Msi
2013-10-02 11:16:38 ----SHD---- C:\System Volume Information
2013-10-02 11:15:38 ----D---- C:\Windows\Tasks
2013-10-02 09:26:40 ----D---- C:\Windows\system32\catroot2
2013-10-02 09:24:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-30 11:48:52 ----D---- C:\Windows\Minidump
2013-09-29 22:06:51 ----D---- C:\Windows\system32\wdi
2013-09-29 21:34:19 ----D---- C:\Windows\system32\NDF
2013-09-28 12:13:29 ----D---- C:\ProgramData\VeriFace
2013-09-28 03:47:22 ----D---- C:\Windows\system32\wfp
2013-09-28 03:47:22 ----D---- C:\Windows\system32\wbem
2013-09-28 03:47:22 ----D---- C:\Windows\system32\DriverStore
2013-09-28 03:47:22 ----D---- C:\Windows\system32\drivers\etc
2013-09-28 03:47:20 ----D---- C:\Windows\system32\CodeIntegrity
2013-09-28 03:47:18 ----D---- C:\Windows\registration
2013-09-28 03:47:09 ----AD---- C:\Users
2013-09-21 15:55:21 ----D---- C:\Program Files (x86)\LeeGT-Games
2013-09-19 09:38:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-18 21:02:32 ----D---- C:\games
2013-09-16 19:23:30 ----D---- C:\Windows\debug
2013-09-16 17:39:22 ----SHD---- C:\Boot
2013-09-13 12:44:45 ----D---- C:\Windows\rescache
2013-09-12 20:17:40 ----D---- C:\Users\Petulka\AppData\Roaming\AlawarEntertainment
2013-09-12 08:22:59 ----D---- C:\Windows\Microsoft.NET
2013-09-12 08:11:03 ----D---- C:\Windows\winsxs
2013-09-12 08:07:21 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-12 08:07:20 ----D---- C:\Windows\SYSWOW64\migration
2013-09-12 08:07:18 ----D---- C:\Windows\system32\migration
2013-09-12 08:07:17 ----D---- C:\Program Files\Internet Explorer
2013-09-12 08:07:13 ----D---- C:\Windows\AppPatch
2013-09-12 08:07:10 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-09-12 08:07:09 ----D---- C:\Windows\system32\cs-CZ
2013-09-12 08:07:08 ----D---- C:\Windows\SYSWOW64\drivers
2013-09-11 23:14:06 ----RSD---- C:\Windows\assembly
2013-09-11 23:13:52 ----D---- C:\ProgramData\Microsoft Help
2013-09-11 23:13:43 ----D---- C:\Windows\system32\MRT
2013-09-11 23:10:15 ----A---- C:\Windows\system32\MRT.exe
2013-09-11 23:09:13 ----D---- C:\Windows\system32\catroot
2013-09-09 16:48:36 ----D---- C:\Users\Petulka\AppData\Roaming\aliasworlds
2013-09-09 12:14:28 ----D---- C:\Users\Petulka\AppData\Roaming\YoudaGames
2013-09-03 13:28:38 ----D---- C:\Users\Petulka\AppData\Roaming\Atheros

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
R0 fbfmon;fbfmon; C:\Windows\system32\drivers\fbfmon.sys [2012-06-14 57952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2012-06-14 39008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-02-23 30016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-08 564824]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-04-11 384800]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-10-01 46368]
R1 BPntDrv;BPntDrv; C:\Windows\system32\drivers\BPntDrv.sys [2012-06-14 13408]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2012-06-14 30816]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-02-10 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-08-04 2768384]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-02-10 259744]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-02-10 109216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-02-10 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-02-10 166048]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-02-10 59040]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-02-10 283296]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-02-10 290464]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 64512]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-10 80384]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2012-01-31 1601152]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-01-16 208168]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-17 14692896]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-03-26 34336]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-03-26 23016]
R3 vm331avs;Digital Camera 1; C:\Windows\System32\Drivers\vm331avs.sys [2011-12-06 952832]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-08-28 552960]
S3 cpuz134;cpuz134; C:\Windows\system32\drivers\cpuz134.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-11-07 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-11-07 27760]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-08 19456]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-11-15 313960]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-11-08 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-11-08 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S4 DamageGuard;DamageGuard; C:\Windows\system32\DRIVERS\DamageGuardX64.sys [2012-02-11 217392]
S4 dgFltr;dgFltr; C:\Windows\system32\drivers\dgFltrX64.sys [2011-12-13 23648]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-02-10 106144]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-05 2321560]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-02 5174392]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-04-25 335168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-28 277784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-23 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-23 2458944]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-28 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-02 276248]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-01 118680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-27 1255736]
S4 DamageGuardSvc;Lenovo Instant Reset Service; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [2012-03-26 572976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#11 Příspěvek od **vyosek** » 02 říj 2013 22:06

Odinstalujte Spyware Terminator a PANDORA.TV

Odinstalujte IObit Malware Fighter, Smart Defrag 2 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Trvate na antiviru AVG - u nas neni moc obliben - vysoka zatez systemu, slabsi detekce

A pokracovani rano, dobrou

Petulka90 · #12 Příspěvek od **Petulka90** » 02 říj 2013 22:18

OK DĚKUJI, určitě sem ještě ráno kouknu, co je potřeba odstraním a na AVG netrvám, moc se v tom nevyznám,chvíli jsem měla avast, ale lidi okolo mě tvrdili, že právě zatěžuje hodně systém. Takže si určitě nechám poradit i vtéto rovině:D

zatím dobrou noc

#13 Příspěvek od **vyosek** » 03 říj 2013 06:57

Dobre rano

Avg je spise parodie na antivir

Odinstalujte Avg a pak pouzijte jeste tento remover http://download.avg.com/filedir/util/av ... 2_2125.exe

Nainstalujte Avast Free http://www.avast.com/get/gWR5mo92 Ve sve verzi 8 je velmi pekne uzivateleksy zpracovan, kvalitni detekce a opravdu nezatezuje system - mnohalete zkusenosti a provereno tisici uzivateli, nejejn na foru

Az budete mit, tak napiste a vrhneme se na mazani

Petulka90 · #14 Příspěvek od **Petulka90** » 03 říj 2013 11:45

ahoooooj,
hotovo, ted jdu chvíli pryč, ale do hodiny jsem doma

Petulka90 · #15 Příspěvek od **Petulka90** » 03 říj 2013 18:43

Krásný večer přeji... všem jsem vykonala, avast stáhnut, co budem mazat:D

VIRY.CZ

Mywebsearch

Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch

Re: Mywebsearch