VIRY.CZ

Cauec vsichni.

Zrovna dneska jsem po dlouhe dobe dorazil na navstevu domu. Nechal jsem tu muj notas s tim, ze si na nem obcas hrajou decka moji segry nejaky online hry.

Potrebuji dneska pracovat - nicmoc narocnyho - pisu ve wordu nejaky veci, pdf, - proste klasika. Ale neco na tomto komplu stvorit je nadlidsky ukol. Hlavne nezvyk cekat na spousteni programu 15vterin. Mylsim, ze se zde usadila nejaka havet.

Prosim o pomoc. Prikladam log z DDS.

Diky za pomoc. Petr

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: BrowserJavaVersion: 10.17.2
Run by Cud at 20:18:57 on 2013-04-19
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1033.18.2046.703 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\snuvcdsm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\PLFSetL.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Launchy\Launchy.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AIMP3\AIMP3.exe
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\Cud\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.myheritage.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://search.myheritage.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: HistoryTriggerBHO Class: {21A88CB9-84D2-4020-A2D1-B25A21034884} - c:\program files\lg electronics\lg pc suite iv\linkair\LinkAirBrowserHelper.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SNUVCDSM] c:\windows\snuvcdsm.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\cud\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\cud\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - /105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{BDB78590-62F8-4C1A-B1FF-A4EB3A211FE7} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{BDB78590-62F8-4C1A-B1FF-A4EB3A211FE7}\26C6265636 : DHCPNameServer = 192.168.137.1
TCP: Interfaces\{BDB78590-62F8-4C1A-B1FF-A4EB3A211FE7}\374756E65647 : DHCPNameServer = 213.250.192.1 213.250.194.1
TCP: Interfaces\{BDB78590-62F8-4C1A-B1FF-A4EB3A211FE7}\37C657E616B6F66713 : DHCPNameServer = 192.168.0.1 10.10.10.10
TCP: Interfaces\{BDB78590-62F8-4C1A-B1FF-A4EB3A211FE7}\6516C656E64716F546F6D616 : DHCPNameServer = 192.168.212.1 212.80.66.7
TCP: Interfaces\{BDB78590-62F8-4C1A-B1FF-A4EB3A211FE7}\661627F6D266275656 : DHCPNameServer = 10.10.2.1
TCP: Interfaces\{BDB78590-62F8-4C1A-B1FF-A4EB3A211FE7}\84F63707F64616024527562656C6F667963656E2E65647 : DHCPNameServer = 10.0.1.1 192.168.1.1
TCP: Interfaces\{BDB78590-62F8-4C1A-B1FF-A4EB3A211FE7}\86F667E6F6 : DHCPNameServer = 10.0.0.138
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.1.0\ViProtocol.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\cud\appdata\roaming\mozilla\firefox\profiles\chpeypww.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.1.0\npsitesafety.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\cud\appdata\local\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\users\cud\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\cud\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\users\cud\appdata\roaming\mozilla\plugins\npo1d.dll
FF - plugin: c:\users\cud\program files\dna\plugins\npbtdna.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-04-13 12:37; avg@toolbar; c:\programdata\avg secure search\firefoxext\15.1.0.2
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-26 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-4-13 34592]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-2-27 4937264]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-2-19 282624]
R2 vToolbarUpdater15.1.0;vToolbarUpdater15.1.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.1.0\ToolbarUpdater.exe [2013-4-13 1008816]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [2009-9-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [2009-9-29 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [2009-9-29 12928]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
R3 V0520Vid;Creative Camera VF0520 Driver;c:\windows\system32\drivers\V0520Vid.sys [2011-9-2 244448]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2010-8-2 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2010-8-2 20864]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2010-8-2 19968]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2010-8-2 24960]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-1-25 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 SMARTMouseFilterx86;HID-compliant mouse;c:\windows\system32\drivers\SMARTMouseFilterx86.sys [2008-7-30 11048]
S3 SMARTVHidMini2000x86;SMART HID Device;c:\windows\system32\drivers\SMARTVHidMini2000x86.sys [2008-7-30 14120]
S3 SMARTVTabletPCx86;SMART Virtual TabletPC;c:\windows\system32\drivers\SMARTVTabletPCx86.sys [2008-7-30 16808]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2009-9-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2009-9-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2009-9-19 123648]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-28 1343400]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\drivers\zghsmdm.sys [2011-1-13 106752]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile="c:\windows\system32\notepad.exe" "%1"
.
=============== Created Last 30 ================
.
2013-04-19 12:00:49 -------- d-----w- c:\users\cud\appdata\roaming\AVG2013
2013-04-19 12:00:46 -------- d-----w- c:\users\cud\appdata\local\AVG Secure Search
2013-04-19 12:00:42 -------- d-----w- c:\users\cud\appdata\local\Avg2013
2013-04-13 17:38:47 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-13 10:37:01 -------- d-----w- c:\programdata\AVG Secure Search
2013-04-13 10:36:50 34592 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-04-13 10:36:45 -------- d-----w- c:\program files\common files\AVG Secure Search
2013-04-13 10:36:44 -------- d-----w- c:\program files\AVG Secure Search
2013-04-13 10:34:29 -------- d--h--w- C:\$AVG
2013-04-13 10:34:28 -------- d-----w- c:\programdata\AVG2013
2013-04-13 10:32:55 -------- d-----w- c:\program files\AVG
2013-04-13 10:05:39 -------- d--h--w- c:\programdata\Common Files
2013-04-13 10:05:39 -------- d-----w- c:\programdata\MFAData
2013-04-12 23:53:01 26520 ----a-w- c:\program files\mozilla firefox\plugin-hang-ui.exe
2013-04-12 23:31:15 -------- d-sh--w- C:\$RECYCLE.BIN
2013-04-12 17:49:42 -------- d-----w- c:\users\cud\appdata\local\temp
.
==================== Find3M ====================
.
2013-04-13 17:38:35 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-13 17:38:35 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-13 10:31:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-13 10:31:52 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-01 08:32:20 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-02-26 21:40:46 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-02-14 01:52:46 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-02-08 02:37:56 245048 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-02-08 02:37:52 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-02-08 02:37:44 170808 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-02-08 02:37:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
============= FINISH: 20:20:24,22 ===============

Zdravim

V prve rade doporucuji vymenit AVG treba za Avast Free. AVG je casto zrdojem techto problemu

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Vkladam log ADW Cleanera.

# AdwCleaner v2.200 - Logfile created 04/19/2013 at 20:50:57
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Cud - CUD-PC
# Boot Mode : Normal
# Running from : C:\Users\Cud\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Users\Cud\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Cud\AppData\Roaming\pdfforge
Folder Found : C:\Users\Ivana Sedlakova\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Ivana Sedlakova\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ShopperReports@ShopperReports.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (cs)

File : C:\Users\Cud\AppData\Roaming\Mozilla\Firefox\Profiles\chpeypww.default\prefs.js

[OK] File is clean.

File : C:\Users\Ivana Sedlakova\AppData\Roaming\Mozilla\Firefox\Profiles\2adpn6h9.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Cud\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Ivana Sedlakova\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5260 octets] - [19/04/2013 20:50:57]

########## EOF - C:\AdwCleaner[R1].txt - [5320 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Na tvoji radu jsem vyhodil AVG. Kdysi jsem ho instaloval na radu kamose - co dela v AVG samozrejme. Je to brak. Uz ted je znatelnej rozdil.

# AdwCleaner v2.200 - Logfile created 04/19/2013 at 21:01:29
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Cud - CUD-PC
# Boot Mode : Normal
# Running from : C:\Users\Cud\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\Cud\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Cud\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Ivana Sedlakova\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Ivana Sedlakova\AppData\LocalLow\AVG Secure Search

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ShopperReports@ShopperReports.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (cs)

File : C:\Users\Cud\AppData\Roaming\Mozilla\Firefox\Profiles\chpeypww.default\prefs.js

[OK] File is clean.

File : C:\Users\Ivana Sedlakova\AppData\Roaming\Mozilla\Firefox\Profiles\2adpn6h9.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Cud\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Ivana Sedlakova\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5389 octets] - [19/04/2013 20:50:57]
AdwCleaner[S1].txt - [5431 octets] - [19/04/2013 21:01:29]

########## EOF - C:\AdwCleaner[S1].txt - [5491 octets] ##########

Poprosim o log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Logfile of random's system information tool 1.09 (written by random/random)
Run by Cud at 2013-04-19 21:32:21
Microsoft Windows 7 Professional
System drive C: has 3 GB (13%) free of 25 GB
Total RAM: 2046 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:32:52, on 19.4.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\snuvcdsm.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PLFSetL.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Cud\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Users\Cud\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\AIMP3\AIMP3.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\LibreOffice 4.0\program\swriter.exe
C:\Program Files\LibreOffice 4.0\program\soffice.exe
C:\Program Files\LibreOffice 4.0\program\soffice.bin
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Cud\Downloads\RSIT.exe
C:\Program Files\trend micro\Cud.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - Startup: Dropbox.lnk = Cud\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res:///105
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: vToolbarUpdater15.1.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe

--
End of file - 5666 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Cud\AppData\Roaming\Mozilla\Firefox\Profiles\chpeypww.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/ig"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
MyHeritage.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Cud\AppData\Roaming\Mozilla\Firefox\Profiles\chpeypww.default\extensions\
fastdial@telega.phpnet.us
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2010-10-21 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-13 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-25 403832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-13 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"SNUVCDSM"=C:\Windows\snuvcdsm.exe [2009-08-10 27184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-06 13605408]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-06 92704]
"PLFSetL"=C:\Windows\PLFSetL.exe [2008-07-03 94208]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2010-09-27 391096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Users\Cud\Program Files\DNA\btdna.exe [2010-04-27 323392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Cud\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-20 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\Windows\PLFSetL.exe [2008-07-03 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk]
C:\PROGRA~1\MICROS~2\Office14\OFFICE~1\OFFICE~2.EXE []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Launchy.lnk - C:\Program Files\Launchy\Launchy.exe

C:\Users\Cud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Cud\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.IV41"=IR41_32.AX
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-04-19 21:32:20 ----D---- C:\rsit
2013-04-19 21:01:29 ----A---- C:\AdwCleaner[S1].txt
2013-04-19 20:57:22 ----D---- C:\Windows\System64
2013-04-19 20:55:14 ----D---- C:\Program Files\LibreOffice 4.0
2013-04-19 20:50:57 ----A---- C:\AdwCleaner[R1].txt
2013-04-19 20:36:16 ----D---- C:\Users\Cud\AppData\Roaming\TuneUp Software
2013-04-13 19:39:10 ----A---- C:\Windows\system32\javaws.exe
2013-04-13 19:38:47 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-04-13 12:36:50 ----A---- C:\Windows\system32\drivers\avgtpx86.sys
2013-04-13 12:36:45 ----D---- C:\Program Files\Common Files\AVG Secure Search
2013-04-13 12:05:39 ----HD---- C:\ProgramData\Common Files
2013-04-13 12:05:39 ----D---- C:\ProgramData\MFAData
2013-04-13 01:52:55 ----D---- C:\Program Files\Mozilla Firefox
2013-04-13 01:33:09 ----ASH---- C:\pagefile.sys
2013-04-13 01:31:54 ----D---- C:\Windows\temp
2013-04-13 01:31:53 ----A---- C:\ComboFix.txt
2013-04-13 01:31:15 ----SHD---- C:\$RECYCLE.BIN
2013-04-13 01:20:13 ----A---- C:\Windows\ntbtlog.txt

======List of files/folders modified in the last 1 month======

2013-04-19 21:32:24 ----D---- C:\Users\Cud\AppData\Roaming\AIMP3
2013-04-19 21:32:22 ----D---- C:\Program Files\trend micro
2013-04-19 21:17:07 ----D---- C:\Windows\system32\config
2013-04-19 21:10:33 ----D---- C:\Users\Cud\AppData\Roaming\LibreOffice
2013-04-19 21:04:58 ----D---- C:\Users\Cud\AppData\Roaming\Dropbox
2013-04-19 21:04:37 ----D---- C:\Windows
2013-04-19 21:02:40 ----D---- C:\ProgramData
2013-04-19 21:01:36 ----RD---- C:\Program Files
2013-04-19 21:01:24 ----D---- C:\Windows\Prefetch
2013-04-19 20:57:57 ----SHD---- C:\Windows\Installer
2013-04-19 20:55:37 ----RSD---- C:\Windows\Fonts
2013-04-19 20:54:44 ----SHD---- C:\System Volume Information
2013-04-19 20:43:00 ----D---- C:\Users\Cud\AppData\Roaming\Mozilla
2013-04-19 20:36:58 ----D---- C:\Windows\system32\drivers
2013-04-19 20:27:41 ----D---- C:\Windows\winsxs
2013-04-19 20:18:28 ----D---- C:\ProgramData\Microsoft Help
2013-04-19 20:18:26 ----RSD---- C:\Windows\assembly
2013-04-19 20:17:23 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-04-19 20:17:23 ----D---- C:\Program Files\Common Files\microsoft shared
2013-04-19 20:17:22 ----SD---- C:\ProgramData\Microsoft
2013-04-19 20:15:53 ----D---- C:\Windows\ShellNew
2013-04-19 20:15:50 ----D---- C:\Windows\System32
2013-04-19 20:15:50 ----D---- C:\Program Files\Common Files\DESIGNER
2013-04-14 16:09:38 ----D---- C:\Windows\inf
2013-04-14 16:09:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-13 19:38:35 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-04-13 19:38:35 ----A---- C:\Windows\system32\javaw.exe
2013-04-13 19:38:35 ----A---- C:\Windows\system32\java.exe
2013-04-13 19:38:35 ----A---- C:\Windows\system32\deployJava1.dll
2013-04-13 19:38:33 ----D---- C:\Program Files\Java
2013-04-13 12:37:38 ----D---- C:\Windows\system32\Tasks
2013-04-13 12:36:45 ----D---- C:\Program Files\Common Files
2013-04-13 12:32:49 ----D---- C:\Windows\system32\catroot2
2013-04-13 12:32:16 ----D---- C:\ProgramData\Adobe
2013-04-13 12:31:52 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-13 12:09:58 ----D---- C:\Windows\system32\catroot
2013-04-13 12:09:57 ----D---- C:\Windows\system32\DriverStore
2013-04-13 12:02:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-13 02:28:40 ----D---- C:\Users\Cud\AppData\Roaming\Launchy
2013-04-13 01:31:55 ----D---- C:\Qoobox
2013-04-13 01:30:29 ----A---- C:\Windows\system.ini
2013-04-13 01:27:47 ----D---- C:\Windows\AppPatch
2013-04-13 01:19:13 ----D---- C:\Users\Cud\AppData\Roaming\BitTorrent
2013-04-13 01:18:51 ----D---- C:\Windows\Minidump
2013-04-12 19:47:39 ----D---- C:\Windows\system32\drivers\etc
2013-03-24 18:48:37 ----D---- C:\Users\Cud\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-04-17 44944]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-04-13 34592]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2009-09-17 92712]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6232.sys [2010-03-26 221400]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 V0520Vid;Creative Camera VF0520 Driver; C:\Windows\system32\DRIVERS\V0520Vid.sys [2011-09-02 244448]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys [2010-08-02 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys [2010-08-02 20864]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys [2010-08-02 19968]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys [2010-08-02 24960]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Cud\AppData\Local\Temp\catchme.sys []
S3 cpuz134;cpuz134; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SMARTMouseFilterx86;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx86.sys [2008-07-30 11048]
S3 SMARTVHidMini2000x86;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMini2000x86.sys [2008-07-30 14120]
S3 SMARTVTabletPCx86;SMART Virtual TabletPC; C:\Windows\system32\DRIVERS\SMARTVTabletPCx86.sys [2008-07-30 16808]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-09-10 1761280]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\Windows\system32\DRIVERS\zghsmdm.sys [2011-01-13 106752]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-06 203296]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 vToolbarUpdater15.1.0;vToolbarUpdater15.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [2013-04-13 1008816]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-13 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-01-31 85096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-23 651720]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-13 115608]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-28 1343400]

-----------------EOF-----------------

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :services
  catchme
  vToolbarUpdater15.1.0
  
  :reg
  [HKCU\Software\Microsoft\Internet Explorer\Main]
  "Start Page"=""
  [HKLM\Software\Microsoft\Internet Explorer\Main]
  "Start Page"=""
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "vProt"=-
  "SunJavaUpdateSched"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk]
  
  :files
  C:\Qoobox
  C:\Windows\tasks\Adobe Flash Player Updater.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1000Core.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1000UA.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1003Core.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1003UA.job
  C:\ProgramData\MFAData
  C:\Program Files\AVG Secure Search
  C:\Program Files\Common Files\AVG Secure Search
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== SERVICES/DRIVERS ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
Service vToolbarUpdater15.1.0 stopped successfully!
Service vToolbarUpdater15.1.0 deleted successfully!
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk\ deleted successfully.
========== FILES ==========
C:\Qoobox\Quarantine\Registry_backups folder moved successfully.
C:\Qoobox\Quarantine\C\Windows\System32\drivers folder moved successfully.
C:\Qoobox\Quarantine\C\Windows\System32 folder moved successfully.
C:\Qoobox\Quarantine\C\Windows folder moved successfully.
C:\Qoobox\Quarantine\C\Users\Cud\AppData\Roaming\WindowsUpdate folder moved successfully.
C:\Qoobox\Quarantine\C\Users\Cud\AppData\Roaming\ShopperReports3 folder moved successfully.
C:\Qoobox\Quarantine\C\Users\Cud\AppData\Roaming folder moved successfully.
C:\Qoobox\Quarantine\C\Users\Cud\AppData folder moved successfully.
C:\Qoobox\Quarantine\C\Users\Cud folder moved successfully.
C:\Qoobox\Quarantine\C\Users folder moved successfully.
C:\Qoobox\Quarantine\C\ProgramData\QuestScan folder moved successfully.
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports folder moved successfully.
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs folder moved successfully.
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu folder moved successfully.
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows folder moved successfully.
C:\Qoobox\Quarantine\C\ProgramData\Microsoft folder moved successfully.
C:\Qoobox\Quarantine\C\ProgramData folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files\SiL folder moved successfully.
C:\Qoobox\Quarantine\C\Program Files folder moved successfully.
C:\Qoobox\Quarantine\C folder moved successfully.
C:\Qoobox\Quarantine folder moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1000UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1003Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1013575026-446799140-136246748-1003UA.job moved successfully.
C:\ProgramData\MFAData\avibackup folder moved successfully.
C:\ProgramData\MFAData folder moved successfully.
File\Folder C:\Program Files\AVG Secure Search not found.
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0 folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater folder moved successfully.
C:\Program Files\Common Files\AVG Secure Search folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Cud
->Temp folder emptied: 2780352 bytes
->Temporary Internet Files folder emptied: 228931 bytes
->Java cache emptied: 17876186 bytes
->FireFox cache emptied: 92294782 bytes
->Flash cache emptied: 61021 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 408208475 bytes
->Flash cache emptied: 96400 bytes

User: Ivana Sedlakova
->Temp folder emptied: 38020445 bytes
->Temporary Internet Files folder emptied: 785731 bytes
->Java cache emptied: 2820408 bytes
->FireFox cache emptied: 361413174 bytes
->Google Chrome cache emptied: 10999479 bytes
->Flash cache emptied: 143187 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 987780 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 110843 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 893,00 mb


[EMPTYFLASH]

User: All Users

User: Cud
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: Ivana Sedlakova
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Cud
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Guest
->Java cache emptied: 0 bytes

User: Ivana Sedlakova
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04192013_215059

Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

A pokud nejsou problemy ci dotazy, je to z me strany vse

Vsechno je to vycisteno.

Jen me porad trapi nekonencne otevirani obrazku, pdf, doc ... cekam na to i nekolik minut. Jinak web vali normalne.

Mozna mi odchazi disk, jinak si to neumim vysvetlit. Kadzpoadne diky, posilam vam prispevek .

P.

Za podporu fora jmenem tymu dekuji

Udelejte CDI dle kolegy

MiliNess píše:Stáhni CrystalDiskInfo, v nabídce Úpravy zvol Kopírovat a obsah schránky sem vlož pomocí Ctrl+V.

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition [6.1 Build 7600] (x86)
Date : 2013/04/20 16:59:30

-- Controller Map ----------------------------------------------------------
- Ricoh xD-Picture Card Controller [ATA]
+ ATA Channel 0 (0) [ATA]
- WDC WD3200BEVT-63ZCT0 ATA Device
+ ATA Channel 1 (1) [ATA]
- MATSHITA DVD-RAM UJ-851S ATA Device
+ Intel(R) 82801GBM/GHM (ICH7-M Family) Serial ATA Storage Controller - 27C4 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-63ZCT0 : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD3200BEVT-63ZCT0
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-63ZCT0
Firmware : 11.01A11
Serial Number : WD-WXE0E99FEY89
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 4818 hod.
Power On Count : 2678 krát
Temparature : 44 C (111 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000CA8 Počet chyb čtení
03 188 184 _21 000000000627 Čas na roztočení ploten
04 _98 _98 __0 000000000A90 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _94 _94 __0 0000000012D2 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000A76 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000111 Počet vypnutí disku
C1 168 168 __0 000000017746 Počet cyklů načítání/vymazání
C2 103 _85 __0 00000000002C Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000003 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4539 4539 3946 4559 3839
020: 0000 4000 0032 3131 2E30 3131 3131 5744 4320 5744
030: 3332 3030 4245 5654 2D36 4354 4354 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 004C 0040
080: 01FE 0000 746B 7F09 6773 BD09 BD09 6763 207F 0035
090: 0035 0080 FFFE 0000 80FE 0000 0000 0000 86A0 0001
100: EAB0 2542 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 58F1 E6A6 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169E 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 303F 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 F2A5

Mel jste pravdu s diskem, odchazi do kytek