VIRY.CZ

Dobrý den,
žádám o preventivní kontrolu logu,
Děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Psyhcodelic at 2013-06-10 19:00:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 43 GB (26%) free of 167 GB
Total RAM: 4094 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:01:03, on 10.6.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Users\Psyhcodelic\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Psyhcodelic.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=113480 ... 43a405a405
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: KMPlayer Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing)
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Kerio VPN Client] "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
O4 - HKCU\..\Run: [Google Update] "C:\Users\Psyhcodelic\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Psyhcodelic\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Fences.lnk = C:\Program Files (x86)\Stardock\Fences\Fences.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download video on this page - res://C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/300
O8 - Extra context menu item: Download video this links to - res://C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/301
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Psyhcodelic\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Download Video - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/300 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{66F21A65-FBE5-4A37-A3F9-37C8DC463698}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DDE1AE4-40D0-4487-B768-E11376EA5E9D}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: DisplayFusionService - Binary Fortress Software - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kerio VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Acronis OS Selector activator (OS Selector) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15137 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007c4
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fbbb89e6-ed2e-4853-ac15-54e5fcfdaef4 -SystemEventPortName:HostProcess-d0accb78-166f-488c-9135-226525c012d1 -IoCancelEventPortName:HostProcess-fbac92b3-c588-49e3-bd2f-94c5c2439a75 -NonStateChangingEventPortName:HostProcess-b41ae9c7-6d8c-482a-b9e8-bb037e7cf0fc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:69021318-9c08-463a-91c7-73ccf1964524 -DeviceGroupId:WpdFsGroup
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
"C:\Users\Psyhcodelic\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe" "132038" "63d5518e-4d85-490f-9279-5794e02a455e" "C:\Program Files (x86)\DisplayFusion\Hooks\AppHookx86_71C2806E-68FE-487F-8235-4DA35D784DC2.dll"
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5068.0.331091443\246130257" --supports-dual-gpus=false --gpu-vendor-id=0x1002 --gpu-device-id=0x9440 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.7000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="5068.1.1559735211\774972502" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.3.352738733\378143627" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.4.1897910011\1915414031" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.5.296721235\992412006" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.6.1221047984\778560119" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.7.1560771570\1225355924" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.8.386405905\546257560" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.9.1111382967\339552517" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.10.120165734\1802225275" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.11.443484784\392465614" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.12.759596119\822308053" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.13.2019580461\1634082702" /prefetch:673131151
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5068.14.1904240517\620429341" /prefetch:673131151
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {B494BF80-6E82-4C11-8AF8-A2F416A1DC19}
"C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe"
"C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="5068.190.1835046435\1377170956" /prefetch:673131151
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
taskeng.exe {233282EA-3CB9-46DA-9D7A-AD0D28943B04}
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="5068.215.1474976046\608120090" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DisabledProviders_16/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup5 channel:stable mods:9/InstantExtended/Control2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/19/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndDynamic/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_36/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="5068.227.1794617910\286085244" /prefetch:673131151
"C:\Users\Psyhcodelic\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-03 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
KMPlayer Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-03 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - KMPlayer Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll []
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-03-11 9569096]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-03-27 12459112]
"Fences"=C:\Program Files (x86)\Stardock\Fences\Fences.exe [2012-10-29 4017368]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Psyhcodelic\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-03 116648]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-05-20 4284976]
"DisplayFusion"=C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [2013-04-26 7283072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-04-01 1719944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe [2011-11-23 213304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA]
C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe [2011-11-23 184120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvUpdater]
C:\Users\Psyhcodelic\AppData\Roaming\DRPSu\DrvUpdater.exe [2012-06-20 195256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2013-04-24 3497552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Psyhcodelic\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-03 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2012-06-08 958392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-06-08 21432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-06-08 3521464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-05-03 17355912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2013-05-08 802136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~2\MCAFEE~1\30937D~1.207\SSSCHE~1.EXE [2011-06-17 272528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"Driver Genius"= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-04-01 1719944]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-05-23 345312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"Kerio VPN Client"=C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2010-03-02 4986728]

C:\Users\Psyhcodelic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Psyhcodelic\AppData\Roaming\Dropbox\bin\Dropbox.exe
Fences.lnk - C:\Program Files (x86)\Stardock\Fences\Fences.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2012-10-29 551640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YouTubeVideoDownloader.exe"="C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YouTubeVideoDownloader.exe:*:Enabled:YouTube Video Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-06-10 19:00:51 ----D---- C:\rsit
2013-06-10 19:00:51 ----D---- C:\Program Files\trend micro
2013-06-10 17:01:16 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\.technic
2013-06-10 16:39:39 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\.minecraft
2013-06-10 16:09:08 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Kerio
2013-06-10 16:08:17 ----D---- C:\Program Files (x86)\Kerio
2013-06-06 19:29:55 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\.minecraft_2012.7.4_13.12.48
2013-06-06 19:27:18 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\.techniclauncher
2013-06-05 20:37:25 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2013-06-05 20:36:47 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-06-05 20:36:46 ----DC---- C:\Windows\system32\DRVSTORE
2013-06-05 20:36:43 ----D---- C:\Program Files\Oracle
2013-06-05 19:36:55 ----D---- C:\ProgramData\ATI
2013-06-05 19:36:52 ----D---- C:\Program Files (x86)\AMD AVT
2013-06-05 19:36:41 ----D---- C:\Program Files (x86)\AMD APP
2013-06-05 14:50:13 ----D---- C:\Program Files (x86)\FinalWire
2013-06-05 14:46:56 ----D---- C:\Program Files\PeerBlock
2013-06-04 20:39:23 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\TeamViewer
2013-06-04 17:14:00 ----SHD---- C:\Users\Psyhcodelic\AppData\Roaming\Common
2013-06-04 17:13:57 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\DisplayFusion
2013-06-04 17:13:31 ----D---- C:\ProgramData\Binary Fortress Software
2013-06-04 17:13:24 ----D---- C:\Program Files (x86)\DisplayFusion
2013-06-04 02:33:53 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Dropbox
2013-06-03 20:12:38 ----D---- C:\Program Files (x86)\T-Mobile
2013-06-03 20:12:31 ----D---- C:\ProgramData\Gemfor
2013-06-03 18:53:10 ----D---- C:\videooutput
2013-06-03 18:53:07 ----D---- C:\Program Files (x86)\Smallvideosoft
2013-06-03 18:53:07 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2013-06-03 18:53:07 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2013-06-03 18:53:07 ----A---- C:\Windows\SYSWOW64\NCMedia2.dll
2013-06-03 18:46:12 ----D---- C:\Program Files (x86)\FreeTime
2013-06-03 18:32:04 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Tomabo
2013-06-03 18:32:03 ----D---- C:\Program Files (x86)\Tomabo
2013-06-03 16:49:17 ----D---- C:\ProgramData\Sun
2013-06-03 16:49:10 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-06-03 16:49:09 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-06-03 16:49:09 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-06-03 16:48:54 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-06-03 16:48:54 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-06-03 16:48:54 ----A---- C:\Windows\SYSWOW64\java.exe
2013-06-03 16:48:46 ----D---- C:\Program Files (x86)\Java
2013-06-03 00:32:37 ----D---- C:\Program Files (x86)\Valve
2013-05-30 15:48:21 ----D---- C:\Program Files\Google
2013-05-30 15:41:07 ----A---- C:\Windows\system32\Wdfres.dll
2013-05-30 15:41:07 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-05-30 15:41:07 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-05-30 15:20:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-30 15:20:29 ----A---- C:\Windows\system32\mshtml.dll
2013-05-30 15:19:13 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-05-30 15:19:13 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-05-30 15:19:13 ----A---- C:\Windows\system32\atmlib.dll
2013-05-30 15:19:13 ----A---- C:\Windows\system32\atmfd.dll
2013-05-30 15:18:28 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-05-30 15:18:28 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-05-30 15:18:28 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-05-30 15:18:28 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-05-30 15:18:27 ----A---- C:\Windows\system32\WUDFx.dll
2013-05-30 15:18:27 ----A---- C:\Windows\system32\WUDFHost.exe
2013-05-30 15:18:27 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-05-30 15:17:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-30 15:17:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-30 15:17:02 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-30 15:17:02 ----A---- C:\Windows\system32\iertutil.dll
2013-05-30 15:17:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-30 15:17:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-30 15:17:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-30 15:17:01 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-30 15:17:01 ----A---- C:\Windows\system32\ieui.dll
2013-05-30 15:17:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-30 15:17:00 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-30 15:17:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-30 15:17:00 ----A---- C:\Windows\system32\urlmon.dll
2013-05-30 15:17:00 ----A---- C:\Windows\system32\url.dll
2013-05-30 15:17:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-30 15:17:00 ----A---- C:\Windows\system32\jscript9.dll
2013-05-30 15:16:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-30 15:16:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-30 15:16:59 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-30 15:16:59 ----A---- C:\Windows\system32\wininet.dll
2013-05-30 15:16:59 ----A---- C:\Windows\system32\vbscript.dll
2013-05-30 15:16:59 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-30 15:16:59 ----A---- C:\Windows\system32\jscript.dll
2013-05-30 15:16:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-30 15:16:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-30 15:16:55 ----A---- C:\Windows\system32\ieframe.dll
2013-05-30 15:14:58 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-05-30 15:14:58 ----A---- C:\Windows\system32\Wpc.dll
2013-05-30 15:14:58 ----A---- C:\Windows\system32\gameux.dll
2013-05-30 15:14:57 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-05-30 15:14:42 ----A---- C:\Windows\system32\KernelBase.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-05-30 15:14:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-05-30 15:14:41 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-05-30 15:14:41 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-05-30 15:14:41 ----A---- C:\Windows\system32\wow64win.dll
2013-05-30 15:14:41 ----A---- C:\Windows\system32\wow64.dll
2013-05-30 15:14:41 ----A---- C:\Windows\system32\kernel32.dll
2013-05-30 15:14:41 ----A---- C:\Windows\system32\conhost.exe
2013-05-30 15:14:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-05-30 15:14:40 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-05-30 15:14:40 ----A---- C:\Windows\system32\wow64cpu.dll
2013-05-30 15:14:40 ----A---- C:\Windows\system32\ntvdm64.dll
2013-05-30 15:14:39 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-05-30 15:14:39 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-05-30 15:13:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-05-30 15:13:20 ----A---- C:\Windows\system32\drivers\netio.sys
2013-05-30 15:13:19 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-05-30 15:13:16 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-05-30 15:13:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-05-30 15:13:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-05-30 15:13:02 ----A---- C:\Windows\system32\winsrv.dll
2013-05-30 15:13:01 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-05-30 15:13:01 ----A---- C:\Windows\SYSWOW64\user.exe
2013-05-30 15:13:01 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-05-30 15:12:52 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-05-30 15:12:52 ----A---- C:\Windows\system32\tzres.dll
2013-05-30 15:12:44 ----A---- C:\Windows\system32\mstscax.dll
2013-05-30 15:12:43 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-05-30 15:12:43 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-05-30 15:12:43 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-05-30 15:12:43 ----A---- C:\Windows\system32\tsgqec.dll
2013-05-30 15:12:43 ----A---- C:\Windows\system32\aaclient.dll
2013-05-30 15:12:36 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-05-30 15:12:36 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-05-30 15:12:36 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-05-30 15:12:36 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-05-30 15:12:36 ----A---- C:\Windows\system32\nlasvc.dll
2013-05-30 15:12:36 ----A---- C:\Windows\system32\nlaapi.dll
2013-05-30 15:12:36 ----A---- C:\Windows\system32\netevent.dll
2013-05-30 15:12:36 ----A---- C:\Windows\system32\netcorehc.dll
2013-05-30 15:12:36 ----A---- C:\Windows\system32\ncsi.dll
2013-05-30 15:12:36 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-05-30 15:12:36 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-05-30 15:12:29 ----A---- C:\Windows\system32\shell32.dll
2013-05-30 15:12:28 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-30 15:12:28 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-30 15:12:28 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-30 15:12:28 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-30 15:12:28 ----A---- C:\Windows\system32\consent.exe
2013-05-30 15:12:28 ----A---- C:\Windows\system32\authui.dll
2013-05-30 15:12:28 ----A---- C:\Windows\system32\appinfo.dll
2013-05-30 15:12:21 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-05-30 15:12:18 ----A---- C:\Windows\system32\msxml6.dll
2013-05-30 15:12:18 ----A---- C:\Windows\system32\msxml3.dll
2013-05-30 15:12:17 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-05-30 15:12:17 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-05-30 15:12:16 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-05-30 15:12:16 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-05-30 15:12:16 ----A---- C:\Windows\system32\netapi32.dll
2013-05-30 15:12:16 ----A---- C:\Windows\system32\browser.dll
2013-05-30 15:12:16 ----A---- C:\Windows\system32\browcli.dll
2013-05-30 15:12:14 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-05-30 15:12:14 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-05-30 15:12:14 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-05-30 15:12:14 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-05-30 15:12:11 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-05-30 15:12:10 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-05-30 15:12:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-05-30 15:12:09 ----A---- C:\Windows\system32\kerberos.dll
2013-05-30 15:12:08 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-05-30 15:12:08 ----A---- C:\Windows\system32\win32spl.dll
2013-05-30 15:12:08 ----A---- C:\Windows\system32\usp10.dll
2013-05-30 15:12:07 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-05-30 15:12:06 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-05-30 15:12:06 ----A---- C:\Windows\system32\srcore.dll
2013-05-30 15:12:02 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-05-30 15:12:02 ----A---- C:\Windows\system32\ncrypt.dll
2013-05-30 15:12:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-05-30 15:12:01 ----A---- C:\Windows\system32\wintrust.dll
2013-05-30 15:11:58 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-05-30 15:11:57 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-30 15:11:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-30 15:11:57 ----A---- C:\Windows\system32\cdd.dll
2013-05-30 15:11:56 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-05-30 15:11:56 ----A---- C:\Windows\system32\dpnet.dll
2013-05-30 15:11:54 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-05-30 15:11:53 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-30 15:11:53 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-30 15:11:53 ----A---- C:\Windows\system32\taskhost.exe
2013-05-30 15:11:52 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-05-30 15:11:52 ----A---- C:\Windows\system32\synceng.dll
2013-05-30 15:11:45 ----A---- C:\Windows\system32\win32k.sys
2013-05-30 15:11:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-05-30 15:11:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-05-30 15:11:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-05-30 15:11:41 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-05-30 15:11:41 ----A---- C:\Windows\system32\smss.exe
2013-05-30 15:11:41 ----A---- C:\Windows\system32\csrsrv.dll
2013-05-30 15:11:38 ----A---- C:\Windows\system32\localspl.dll
2013-05-30 15:11:32 ----A---- C:\Windows\system32\crypt32.dll
2013-05-30 15:11:31 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-05-30 15:11:31 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-05-30 15:11:31 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-05-30 15:11:31 ----A---- C:\Windows\system32\cryptsvc.dll
2013-05-30 15:11:31 ----A---- C:\Windows\system32\cryptnet.dll
2013-05-30 15:03:47 ----A---- C:\Windows\system32\spoolsv.exe
2013-05-30 15:03:47 ----A---- C:\Windows\splwow64.exe
2013-05-29 18:09:20 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\XUSSoft
2013-05-29 15:15:36 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Opera
2013-05-29 15:15:27 ----D---- C:\Program Files (x86)\Opera
2013-05-28 21:46:18 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Google
2013-05-23 19:25:27 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Avira
2013-05-23 19:21:03 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2013-05-23 19:19:55 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-05-23 19:19:55 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-05-23 19:19:55 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-05-23 19:19:49 ----D---- C:\ProgramData\Avira
2013-05-23 19:19:49 ----D---- C:\Program Files (x86)\Avira
2013-05-23 18:58:22 ----D---- C:\Program Files\Common Files\Adobe
2013-05-23 18:57:37 ----D---- C:\Program Files\Adobe
2013-05-23 14:58:43 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Apple Computer
2013-05-22 21:13:50 ----D---- C:\Program Files (x86)\CR2 Converter
2013-05-22 14:04:23 ----D---- C:\ProgramData\Apple Computer
2013-05-22 14:04:23 ----D---- C:\Program Files (x86)\QuickTime
2013-05-22 14:04:01 ----D---- C:\ProgramData\Apple
2013-05-22 14:04:01 ----D---- C:\Program Files (x86)\Apple Software Update
2013-05-22 13:54:51 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Publish Providers
2013-05-21 22:04:55 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Xfire
2013-05-21 22:04:50 ----D---- C:\ProgramData\Xfire
2013-05-21 22:04:50 ----D---- C:\Program Files (x86)\Xfire2
2013-05-20 03:52:41 ----D---- C:\T3Fun
2013-05-20 02:39:25 ----D---- C:\ProgramData\PMB Files
2013-05-20 02:39:15 ----D---- C:\Program Files (x86)\Pando Networks
2013-05-20 00:12:36 ----D---- C:\Program Files (x86)\Ask.com
2013-05-19 23:11:44 ----D---- C:\Fraps
2013-05-16 22:28:13 ----D---- C:\Program Files\Rainmeter
2013-05-16 22:28:07 ----D---- C:\ProgramData\Package Cache
2013-05-16 22:19:48 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Rainmeter
2013-05-16 20:36:42 ----D---- C:\Program Files (x86)\Halo Combat Evolved
2013-05-15 15:56:11 ----D---- C:\fastboot
2013-05-14 18:59:03 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Leadertech
2013-05-14 18:55:00 ----D---- C:\Program Files (x86)\EA Sports
2013-05-13 22:33:39 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2013-05-13 22:33:22 ----D---- C:\Windows\PCHEALTH
2013-05-13 22:33:22 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2013-05-13 22:33:22 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-05-13 22:32:03 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-05-13 22:31:50 ----D---- C:\Program Files\Microsoft Office
2013-05-13 22:31:40 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-05-13 22:31:16 ----D---- C:\Program Files (x86)\Microsoft Office
2013-05-13 22:31:15 ----D---- C:\ProgramData\Microsoft Help
2013-05-13 22:30:55 ----RHD---- C:\MSOCache
2013-05-13 21:16:04 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\LibreOffice
2013-05-13 21:12:33 ----D---- C:\Program Files (x86)\LibreOffice 4.0
2013-05-13 21:05:04 ----D---- C:\ProgramData\id Software
2013-05-13 20:18:33 ----D---- C:\Windows\SYSWOW64\directx
2013-05-13 18:35:36 ----D---- C:\ProgramData\WarThunder
2013-05-13 18:34:55 ----D---- C:\Program Files (x86)\War Thunder
2013-05-13 17:41:40 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Trillian

======List of files/folders modified in the last 1 month======

2013-06-10 19:00:55 ----D---- C:\Windows\Temp
2013-06-10 19:00:51 ----RD---- C:\Program Files
2013-06-10 19:00:51 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Skype
2013-06-10 18:51:48 ----D---- C:\Windows\system32\config
2013-06-10 18:39:52 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\uTorrent
2013-06-10 16:09:04 ----SHD---- C:\Windows\Installer
2013-06-10 16:09:04 ----SHD---- C:\Config.Msi
2013-06-10 16:08:21 ----D---- C:\Windows\system32\drivers
2013-06-10 16:08:21 ----D---- C:\Windows\system32\catroot
2013-06-10 16:08:21 ----D---- C:\Windows\inf
2013-06-10 16:08:20 ----D---- C:\Windows\system32\DriverStore
2013-06-10 16:08:17 ----RD---- C:\Program Files (x86)
2013-06-10 16:05:15 ----D---- C:\Windows\System32
2013-06-10 16:05:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-06-09 22:12:54 ----SHD---- C:\System Volume Information
2013-06-06 22:14:19 ----D---- C:\Program Files (x86)\Adobe
2013-06-06 22:11:16 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-06-06 21:57:16 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Adobe
2013-06-06 21:54:58 ----D---- C:\ProgramData\Adobe
2013-06-06 21:54:07 ----D---- C:\Windows\winsxs
2013-06-06 21:52:58 ----D---- C:\Windows\SysWOW64
2013-06-06 18:42:42 ----RSD---- C:\Windows\Fonts
2013-06-05 21:49:08 ----D---- C:\Windows
2013-06-05 19:36:58 ----D---- C:\Windows\Prefetch
2013-06-05 19:36:55 ----HD---- C:\ProgramData
2013-06-05 19:36:53 ----D---- C:\ProgramData\AMD
2013-06-05 19:36:06 ----D---- C:\Program Files\ATI Technologies
2013-06-05 19:33:24 ----D---- C:\Windows\system32\catroot2
2013-06-05 17:14:08 ----A---- C:\Windows\SYSWOW64\certsentry.dll
2013-06-05 17:14:08 ----A---- C:\Windows\system32\certsentry.dll
2013-06-05 17:14:03 ----D---- C:\Program Files (x86)\Comodo
2013-06-05 15:22:57 ----SD---- C:\Users\Psyhcodelic\AppData\Roaming\Microsoft
2013-06-05 03:14:19 ----D---- C:\Windows\rescache
2013-06-03 16:49:17 ----D---- C:\Program Files (x86)\Common Files
2013-06-03 04:48:23 ----D---- C:\Windows\Microsoft.NET
2013-06-03 04:47:56 ----RSD---- C:\Windows\assembly
2013-06-03 03:20:56 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Ahead
2013-05-31 01:11:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-05-31 01:11:28 ----D---- C:\Windows\system32\cs-CZ
2013-05-31 01:11:27 ----D---- C:\Windows\AppPatch
2013-05-31 01:11:23 ----D---- C:\Windows\system32\wbem
2013-05-31 01:11:23 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-05-31 01:11:21 ----D---- C:\Windows\SYSWOW64\migration
2013-05-31 01:11:21 ----D---- C:\Windows\system32\migration
2013-05-31 01:11:11 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-31 01:11:08 ----D---- C:\Program Files\Internet Explorer
2013-05-30 17:40:27 ----D---- C:\Windows\system32\oobe
2013-05-30 15:48:56 ----D---- C:\ProgramData\Google
2013-05-29 18:43:40 ----D---- C:\Windows\Logs
2013-05-29 16:13:09 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Mikrotik
2013-05-29 15:20:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-28 16:51:39 ----RD---- C:\Program Files (x86)\Skype
2013-05-28 16:51:39 ----D---- C:\ProgramData\Skype
2013-05-23 18:58:22 ----D---- C:\Program Files\Common Files
2013-05-23 15:28:40 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-05-22 13:54:48 ----D---- C:\Users\Psyhcodelic\AppData\Roaming\Sony
2013-05-22 13:38:17 ----D---- C:\Program Files\Sony
2013-05-21 22:23:45 ----D---- C:\Windows\LiveKernelReports
2013-05-20 00:12:37 ----D---- C:\Windows\system32\Tasks
2013-05-15 20:52:41 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-05-13 22:34:02 ----D---- C:\Windows\ShellNew
2013-05-13 22:33:53 ----D---- C:\Program Files (x86)\MSBuild
2013-05-13 22:33:22 ----SD---- C:\ProgramData\Microsoft
2013-05-13 22:33:22 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-05-13 22:32:22 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-05-13 22:31:47 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-05-09 272480]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-05-23 130016]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-05-23 28600]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-03-11 577824]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-03-11 43248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-03 283200]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-02-03 93200]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-04-12 237840]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-04-12 120080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-05-23 100712]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-03-27 4015592]
R3 kvnet;Kerio Virtual Network Adapter; C:\Windows\system32\DRIVERS\kvnet.sys [2009-03-23 30208]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-04-12 131856]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2013-04-12 146704]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 cpuz135;cpuz135; \??\C:\Users\PSYHCO~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-05-21 99384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 161280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 XFDriver64;XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [2013-03-14 17160]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-05-23 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-05-23 86752]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-03-11 2815496]
R2 DisplayFusionService;DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [2013-04-26 1498000]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-06-04 2095752]
R2 KVPNCSvc;Kerio VPN Client Service; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2010-03-02 972648]
R2 OS Selector;Acronis OS Selector activator; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-09-29 2139400]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-04-28 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-29 256904]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-03 1255736]

-----------------EOF-----------------

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

log tu

# AdwCleaner v2.303 - Log vytvooen 10/06/2013 v 20:49:28
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Psyhcodelic - TROLOLO
# Spuštin systém : Normální
# Spuštino z : C:\Users\Psyhcodelic\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Ask.com
Složka Nalezeno : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Složka Nalezeno : C:\Program Files (x86)\OApps
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\boost_interprocess
Složka Nalezeno : C:\Users\PSYHCO~1\AppData\Local\Temp\AskSearch
Složka Nalezeno : C:\Users\PSYHCO~1\AppData\Local\Temp\BabylonToolbar
Složka Nalezeno : C:\Users\Psyhcodelic\AppData\Local\APN
Složka Nalezeno : C:\Users\Psyhcodelic\AppData\LocalLow\AskToolbar
Složka Nalezeno : C:\Users\Psyhcodelic\AppData\Roaming\dvdvideosoftiehelpers
Složka Nalezeno : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Soubor Nalezeno : C:\user.js
Soubor Nalezeno : C:\Users\PSYHCO~1\AppData\Local\Temp\Uninstall.exe

***** [Registry] *****

Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíe Nalezeno : HKCU\Software\APN
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\AskToolbar
Klíe Nalezeno : HKCU\Software\Ask.com
Klíe Nalezeno : HKCU\Software\BabylonToolbar
Klíe Nalezeno : HKCU\Software\InstallCore
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKLM\Software\APN
Klíe Nalezeno : HKLM\Software\AskToolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\Software\BabylonToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\b
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Klíe Nalezeno : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKU\S-1-5-21-2857271893-2709921192-1482975336-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Registry jsou eisté.

-\\ Google Chrome v27.0.1453.110

Soubor : C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v12.15.1748.0

Soubor : C:\Users\Psyhcodelic\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [12260 octets] - [10/06/2013 20:49:28]

########## EOF - C:\AdwCleaner[R1].txt - [12321 octets] ##########

Vasi zadost o prijeti do nasi male skolky pdo budouci radce (skupina Novacek) byla zamitnuta - zrejme jste vuuubec necetl informacni thread o skolce

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Moc se omlouvám,
moje chyba

# AdwCleaner v2.303 - Log vytvooen 10/06/2013 v 21:03:25
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Psyhcodelic - TROLOLO
# Spuštin systém : Normální
# Spuštino z : C:\Users\Psyhcodelic\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Ask.com
Složka Vymazáno : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Složka Vymazáno : C:\Program Files (x86)\OApps
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\boost_interprocess
Složka Vymazáno : C:\Users\PSYHCO~1\AppData\Local\Temp\AskSearch
Složka Vymazáno : C:\Users\PSYHCO~1\AppData\Local\Temp\BabylonToolbar
Složka Vymazáno : C:\Users\Psyhcodelic\AppData\Local\APN
Složka Vymazáno : C:\Users\Psyhcodelic\AppData\LocalLow\AskToolbar
Složka Vymazáno : C:\Users\Psyhcodelic\AppData\Roaming\dvdvideosoftiehelpers
Složka Vymazáno : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Soubor Vymazáno : C:\user.js
Soubor Vymazáno : C:\Users\PSYHCO~1\AppData\Local\Temp\Uninstall.exe

***** [Registry] *****

Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíe Vymazáno : HKCU\Software\APN
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\AskToolbar
Klíe Vymazáno : HKCU\Software\Ask.com
Klíe Vymazáno : HKCU\Software\BabylonToolbar
Klíe Vymazáno : HKCU\Software\InstallCore
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKLM\Software\APN
Klíe Vymazáno : HKLM\Software\AskToolbar
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\Software\BabylonToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\b
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíe Vymazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Klíe Vymazáno : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Registry jsou eisté.

-\\ Google Chrome v27.0.1453.110

Soubor : C:\Users\Psyhcodelic\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v12.15.1748.0

Soubor : C:\Users\Psyhcodelic\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [12345 octets] - [10/06/2013 20:49:28]
AdwCleaner[S1].txt - [12162 octets] - [10/06/2013 21:03:25]

########## EOF - C:\AdwCleaner[S1].txt - [12223 octets] ##########

Pro vas zbytecne zkomplikovana cesta pri pripadnem dalsim podani zadosti, pro me to byly tri kliknuti navic

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

• Provedte aktualizaci
• Provedte uplny sken - nic nemazte
• MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

tak konečně log:

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Database version: v2013.06.10.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Psyhcodelic :: "username" [administrator]

10.6.2013 21:43:19
MBAM-log-2013-06-10 (22-47-46).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 372452
Time elapsed: 1 hour(s), 3 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\$Recycle.Bin\S-1-5-21-2857271893-2709921192-1482975336-1001\$R5WFID3.exe (RiskWare.Tool.HCK) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-2857271893-2709921192-1482975336-1001\$RHQB9GK.exe (Trojan.Agent.CK) -> No action taken.
C:\Program Files (x86)\Adobe\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Users\Psyhcodelic\Dropbox\Outlook LAN Messenger 5.0.2 for Windows.rar (RiskWare.Tool.CK) -> No action taken.

(end)

Nalezy MBAMu smazte, objevi se log, ten rad uvidim

log zde

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.10.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Psyhcodelic :: TROLOLO [administrator]

11.6.2013 18:38:12
mbam-log-2013-06-11 (18-38-12).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 374925
Time elapsed: 1 hour(s), 2 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\$Recycle.Bin\S-1-5-21-2857271893-2709921192-1482975336-1001\$R5WFID3.exe (RiskWare.Tool.HCK) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2857271893-2709921192-1482975336-1001\$RHQB9GK.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Adobe\Adobe Audition CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Users\Psyhcodelic\Dropbox\Outlook LAN Messenger 5.0.2 for Windows.rar (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

(end)

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

rkill.. a jdu na CF

Rkill 2.5.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/11/2013 08:56:58 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PID: 2032) [UP-HEUR]

1 proccess terminated!

Possibly Patched Files.

* C:\Windows\Explorer.EXE

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Psyhcodelic\Desktop\rkill\rkill-06-11-2013-08-57-20.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll [NoSig]
+-> C:\Windows\SysWOW64\uxtheme.dll : 245 760 : 07/14/2009 00:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332 288 : 07/14/2009 00:41 AM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245 760 : 07/14/2009 00:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

* C:\Windows\explorer.exe [NoSig]
+-> C:\Windows\SysWOW64\explorer.exe : 2 616 320 : 02/25/2011 00:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe : 2 868 224 : 07/14/2009 00:39 AM : c235a51cb740e45ffa0ebfb9bafcda64 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe : 2 868 224 : 08/03/2009 00:17 AM : f170b4a061c9e026437b193b4d571799 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe : 2 870 272 : 10/31/2009 00:34 AM : 9aaaec8dac27aa17b053e6352ad233ae [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe : 2 870 272 : 02/26/2011 00:23 AM : 0862495e0c825893db75ef44faea8e93 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe : 2 868 224 : 08/03/2009 00:19 AM : 700073016dac1c3d2e7e2ce4223334b6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe : 2 870 272 : 10/31/2009 00:38 AM : b8ec4bd49ce8f6fc457721bfc210b67f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe : 2 870 784 : 02/26/2011 00:26 AM : e38899074d4951d31b4040e994dd7c8d [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe : 2 872 320 : 11/20/2010 02:24 PM : ac4c51eb24aa95b77f705ab159189e24 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe : 2 871 808 : 02/25/2011 02:19 AM : 332feab1435662fc6c672e25beb37be3 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe : 2 871 808 : 02/26/2011 02:14 AM : 3b69712041f3d63605529bd66dc00c48 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe : 2 613 248 : 07/14/2009 02:14 AM : 15bc38a7492befe831966adb477cf76f [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe : 2 613 248 : 08/03/2009 02:35 AM : b95eeb0f4e5efbf1038a35b3351cf047 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe : 2 614 272 : 10/31/2009 02:45 AM : 2626fc9755be22f805d3cfa0ce3ee727 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe : 2 614 784 : 02/26/2011 02:33 AM : 2af58d15edc06ec6fdacce1f19482bbf [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe : 2 613 248 : 08/03/2009 02:49 AM : 9ff6c4c91a3711c0a3b18f87b08b518d [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe : 2 614 272 : 10/31/2009 02:00 AM : c76153c7eca00fa852bb0c193378f917 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe : 2 614 784 : 02/26/2011 02:51 AM : 255cf508d7cfb10e0794d6ac93280bd8 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe : 2 616 320 : 11/20/2010 01:17 PM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe : 2 616 320 : 02/25/2011 01:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe : 2 616 320 : 02/26/2011 01:19 AM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

Program finished at: 06/11/2013 08:58:02 PM
Execution time: 0 hours(s), 1 minute(s), and 3 seconds(s)

OK, pockam si na log z ComboFixu

tak CF mi oddělal kompletně registry...
nespustím teďka na PC vůbec nic....
super
log....

ComboFix 13-06-08.02 - Psyhcodelic 11.06.2013 21:02:39.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2667 [GMT 2:00]
Spuštìný z: c:\users\Psyhcodelic\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvoøen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DefaultTab
c:\program files (x86)\DefaultTab\DefaultTab.crx
c:\program files (x86)\DefaultTab\DefaultTabSearch.exe
c:\program files (x86)\DefaultTab\uid
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\addon.ico
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DT.ico
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\searchhere.ico
c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladaèe/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DefaultTabSearch
-------\Service_DefaultTabUpdate
-------\Service_DefaultTabUpdate
.
.
((((((((((((((((((((((((( Soubory vytvoøené od 2013-05-11 do 2013-06-11 )))))))))))))))))))))))))))))))
.
.
2013-06-10 21:26 . 2013-06-10 21:26 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-06-10 21:25 . 2013-06-10 21:25 -------- d-----w- c:\windows\PCHEALTH
2013-06-10 21:23 . 2013-06-10 21:23 -------- d-----w- c:\program files\Microsoft Office
2013-06-10 21:23 . 2013-06-10 21:23 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-06-10 21:22 . 2013-06-10 21:22 -------- d-----r- C:\MSOCache
2013-06-10 20:52 . 2013-06-10 20:52 -------- d-----w- c:\users\Psyhcodelic\AppData\Local\TNT2
2013-06-10 20:52 . 2013-06-11 19:08 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\DefaultTab
2013-06-10 19:20 . 2013-06-10 19:20 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Malwarebytes
2013-06-10 19:20 . 2013-06-10 19:20 -------- d-----w- c:\programdata\Malwarebytes
2013-06-10 19:20 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-10 19:20 . 2013-06-10 19:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-10 18:21 . 2013-06-10 18:22 0 ----a-w- c:\program files (x86)\CL.5.0.2705.24349__YUC121219-03.tmp
2013-06-10 18:21 . 2013-06-10 18:21 -------- d-----w- c:\programdata\CyberLink
2013-06-10 18:17 . 2013-06-10 18:17 -------- d-----w- c:\program files (x86)\Bandicam
2013-06-10 18:16 . 2013-06-10 18:17 -------- d-----w- c:\program files (x86)\BandiMPEG1
2013-06-10 17:00 . 2013-06-10 17:01 -------- d-----w- C:\rsit
2013-06-10 17:00 . 2013-06-10 17:01 -------- d-----w- c:\program files\trend micro
2013-06-10 15:01 . 2013-06-10 15:09 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\.technic
2013-06-10 14:39 . 2013-06-10 14:41 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\.minecraft
2013-06-10 14:09 . 2013-06-10 14:09 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Kerio
2013-06-10 14:08 . 2013-06-10 14:08 -------- d-----w- c:\program files (x86)\Kerio
2013-06-05 18:45 . 2013-06-05 18:51 -------- d-----w- c:\users\Psyhcodelic\VirtualBox VMs
2013-06-05 18:40 . 2013-06-05 18:51 -------- d-----w- c:\users\Psyhcodelic\.VirtualBox
2013-06-05 18:37 . 2013-04-12 09:41 237840 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-06-05 18:36 . 2013-04-12 09:40 120080 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-06-05 18:36 . 2013-06-05 18:37 -------- dc----w- c:\windows\system32\DRVSTORE
2013-06-05 18:36 . 2013-06-05 18:36 -------- d-----w- c:\program files\Oracle
2013-06-05 17:36 . 2013-06-05 17:36 -------- d-----w- c:\programdata\ATI
2013-06-05 17:36 . 2013-06-05 17:36 -------- d-----w- c:\program files (x86)\AMD AVT
2013-06-05 17:36 . 2013-06-05 17:36 -------- d-----w- c:\program files (x86)\AMD APP
2013-06-05 12:50 . 2013-06-05 12:50 -------- d-----w- c:\program files (x86)\FinalWire
2013-06-05 12:46 . 2013-06-05 12:50 -------- d-----w- c:\program files\PeerBlock
2013-06-04 18:39 . 2013-06-04 19:00 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\TeamViewer
2013-06-04 15:14 . 2013-06-04 15:14 -------- d-sh--w- c:\users\Psyhcodelic\AppData\Roaming\Common
2013-06-04 15:13 . 2013-06-04 23:50 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\DisplayFusion
2013-06-04 15:13 . 2013-06-04 15:13 -------- d-----w- c:\programdata\Binary Fortress Software
2013-06-04 15:13 . 2013-06-04 15:13 -------- d-----w- c:\program files (x86)\DisplayFusion
2013-06-04 00:40 . 2013-06-11 17:43 -------- d-----r- c:\users\Psyhcodelic\Dropbox
2013-06-04 00:33 . 2013-06-11 17:43 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox
2013-06-03 18:12 . 2013-06-03 18:12 -------- d-----w- c:\program files (x86)\T-Mobile
2013-06-03 18:12 . 2013-06-03 18:12 -------- d-----w- c:\programdata\Gemfor
2013-06-03 16:53 . 2013-06-03 16:55 -------- d-----w- C:\videooutput
2013-06-03 16:53 . 2013-06-03 16:53 -------- d-----w- c:\program files (x86)\Smallvideosoft
2013-06-03 16:53 . 2009-06-04 11:17 8676883 ----a-w- c:\windows\SysWow64\NCMedia2.dll
2013-06-03 16:53 . 2009-05-19 16:32 758018 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-06-03 16:53 . 2008-12-04 19:46 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-06-03 16:53 . 2008-10-08 08:16 139264 ----a-w- c:\windows\SysWow64\xvid.ax
2013-06-03 16:46 . 2013-06-03 16:46 -------- d-----w- c:\program files (x86)\FreeTime
2013-06-03 16:32 . 2013-06-03 16:32 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Tomabo
2013-06-03 14:49 . 2013-06-03 14:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-06-03 14:49 . 2013-06-03 14:48 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-03 14:49 . 2013-06-03 14:48 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-03 14:48 . 2013-06-03 14:48 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-03 14:48 . 2013-06-03 14:48 -------- d-----w- c:\program files (x86)\Java
2013-06-02 22:32 . 2013-06-02 22:32 -------- d-----w- c:\program files (x86)\Valve
2013-05-30 15:39 . 2013-05-30 15:39 -------- d-----w- c:\users\Psyhcodelic\AppData\Local\Windows 7 Account Screen Editor
2013-05-30 13:48 . 2013-05-30 13:48 -------- d-----w- c:\program files\Google
2013-05-30 13:41 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-05-30 13:41 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-05-30 13:41 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-05-30 13:41 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-05-30 13:20 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
2013-05-30 13:20 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-30 13:20 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-30 13:19 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-05-30 13:19 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-05-30 13:19 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-05-30 13:19 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-05-30 13:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-05-30 13:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-05-30 13:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-05-30 13:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-05-30 13:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-05-30 13:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-05-30 13:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-05-30 13:16 . 2013-04-05 01:00 1392128 ----a-w- c:\windows\system32\wininet.dll
2013-05-30 13:14 . 2012-12-07 13:20 441856 ----a-w- c:\windows\system32\Wpc.dll
2013-05-30 13:13 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-30 13:13 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2013-05-30 13:13 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-05-30 13:13 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-05-30 13:13 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-05-30 13:13 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-05-30 13:13 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-05-30 13:13 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-05-30 13:13 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-05-30 13:13 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-05-30 13:11 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-05-30 13:03 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-05-30 13:03 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-05-29 16:09 . 2013-05-29 16:09 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\XUSSoft
2013-05-29 13:15 . 2013-05-29 13:15 -------- d-----w- c:\users\Psyhcodelic\AppData\Local\Opera
2013-05-29 13:15 . 2013-05-29 13:15 -------- d-----w- c:\program files (x86)\Opera
2013-05-23 17:25 . 2013-05-23 17:25 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Avira
2013-05-23 17:21 . 2013-05-23 17:21 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-05-23 17:19 . 2013-05-23 17:08 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-05-23 17:19 . 2013-05-23 17:08 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-05-23 17:19 . 2013-05-23 17:08 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-05-23 17:19 . 2013-05-23 17:19 -------- d-----w- c:\programdata\Avira
2013-05-23 17:19 . 2013-05-23 17:19 -------- d-----w- c:\program files (x86)\Avira
2013-05-23 16:58 . 2013-06-06 19:58 -------- d-----w- c:\program files\Common Files\Adobe
2013-05-23 16:57 . 2013-06-06 20:14 -------- d-----w- c:\program files\Adobe
2013-05-23 12:58 . 2013-05-23 12:58 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Apple Computer
2013-05-22 19:13 . 2013-05-22 19:13 -------- d-----w- c:\program files (x86)\CR2 Converter
2013-05-22 11:54 . 2013-05-22 11:54 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Publish Providers
2013-05-21 20:04 . 2013-05-22 11:33 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Xfire
2013-05-21 20:04 . 2013-05-21 20:04 -------- d-----w- c:\program files (x86)\Common Files\Xfire
2013-05-21 20:04 . 2013-05-22 19:52 -------- d-----w- c:\program files (x86)\Xfire2
2013-05-21 20:04 . 2013-05-22 11:35 -------- d-----w- c:\programdata\Xfire
2013-05-20 01:52 . 2013-05-20 01:52 -------- d-----w- C:\T3Fun
2013-05-20 00:39 . 2013-06-11 15:55 -------- d-----w- c:\program files (x86)\Pando Networks
2013-05-20 00:39 . 2013-05-20 00:39 -------- d-----w- c:\users\Psyhcodelic\.swt
2013-05-19 21:11 . 2013-05-19 21:54 -------- d-----w- C:\Fraps
2013-05-16 20:28 . 2013-05-16 20:30 -------- d-----w- c:\program files\Rainmeter
2013-05-16 20:28 . 2013-05-16 20:28 -------- d-----w- c:\programdata\Package Cache
2013-05-16 20:19 . 2013-05-16 20:30 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Rainmeter
2013-05-16 18:36 . 2013-05-16 18:38 -------- d-----w- c:\program files (x86)\Halo Combat Evolved
2013-05-15 13:56 . 2013-05-15 13:56 -------- d-----w- C:\fastboot
2013-05-14 16:59 . 2013-05-14 16:59 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\Leadertech
2013-05-14 16:55 . 2013-05-14 16:55 -------- d-----w- c:\program files (x86)\EA Sports
2013-05-13 20:31 . 2013-06-05 13:22 -------- d-----w- c:\users\Psyhcodelic\AppData\Local\Microsoft Help
2013-05-13 20:31 . 2013-06-10 21:29 -------- d-----w- c:\programdata\Microsoft Help
2013-05-13 19:16 . 2013-05-13 19:16 -------- d-----w- c:\users\Psyhcodelic\AppData\Roaming\LibreOffice
2013-05-13 19:12 . 2013-05-13 19:13 -------- d-----w- c:\program files (x86)\LibreOffice 4.0
2013-05-13 19:05 . 2013-05-13 19:05 -------- d-----w- c:\programdata\id Software
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-05 15:14 . 2013-04-24 20:42 56072 ----a-w- c:\windows\system32\certsentry.dll
2013-06-05 15:14 . 2013-04-24 20:42 47368 ----a-w- c:\windows\SysWow64\certsentry.dll
2013-05-29 13:20 . 2012-06-03 11:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-29 13:20 . 2012-06-03 11:02 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-23 13:28 . 2012-06-03 16:53 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-05-23 13:28 . 2012-06-03 12:53 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-05-23 13:28 . 2012-06-03 12:53 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-05-08 22:13 . 2013-05-08 22:13 272480 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-05-08 18:10 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2013-05-08 18:10 . 2012-06-05 16:00 2851840 ----a-w- c:\windows\system32\themeui.dll
2013-05-08 18:10 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2013-05-03 14:15 . 2012-06-03 14:57 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-04-28 18:22 . 2012-06-03 12:53 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-04-13 05:49 . 2013-05-30 13:13 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-30 13:13 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-30 13:13 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-30 13:13 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-30 13:13 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-30 13:13 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 09:41 . 2013-04-12 09:41 131856 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-04-12 09:40 . 2013-04-12 09:40 146704 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2013-04-12 09:40 . 2013-04-12 09:40 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2011-02-26 . E38899074D4951D31B4040E994DD7C8D . 2870784 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[7] 2011-02-26 . 0862495E0C825893DB75EF44FAEA8E93 . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[7] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[7] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[7] 2010-11-20 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[7] 2009-10-31 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[7] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[7] 2009-08-03 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[7] 2009-08-03 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[-] 2009-07-14 . 3A3B4CBABB583C17C17DE89D6468DACC . 2385408 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[7] 2009-07-14 . C235A51CB740E45FFA0EBFB9BAFCDA64 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštìcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2013-04-26 7283072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-23 345312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
"Kerio VPN Client"="c:\program files (x86)\Kerio\VPN Client\kvpncgui.exe" [2010-03-02 4986728]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
c:\users\Psyhcodelic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-25 27776968]
Fences.lnk - c:\program files (x86)\Stardock\Fences\Fences.exe [2012-10-29 4017368]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2013-5-12 38072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R2 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe;c:\program files (x86)\MyPC Backup\BackupStack.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 cpuz135;cpuz135;c:\users\PSYHCO~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\PSYHCO~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [x]
S2 DisplayFusionService;DisplayFusionService;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 KVPNCSvc;Kerio VPN Client Service;c:\program files (x86)\Kerio\VPN Client\kvpncsvc.exe;c:\program files (x86)\Kerio\VPN Client\kvpncsvc.exe [x]
S2 OS Selector;Acronis OS Selector activator;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys;c:\windows\SYSNATIVE\DRIVERS\kvnet.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Ostatní služby/ovladaèe v pamìti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáøe 'Naplánované úlohy'
.
2013-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 13:20]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09 19:44]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-09 19:44]
.
2013-06-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001Core.job
- c:\users\Psyhcodelic\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-03 11:22]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2857271893-2709921192-1482975336-1001UA.job
- c:\users\Psyhcodelic\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-03 11:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Psyhcodelic\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
"Fences"="c:\program files (x86)\Stardock\Fences\Fences.exe" [2012-10-29 4017368]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2012-10-29 551640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll c:\windows\System32\guard64.dll
.
------- Doplòkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.search.us.com/v/2/?guid={429EEC89-1E84-4B8D-8810-C51D9614A484}&serpv=5
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download video on this page - c:\program files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/300
IE: Download video this links to - c:\program files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/301
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Psyhcodelic\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://c:\program files (x86)\Tomabo\YouTube Video Downloader\YVD_IEX.dll/300
TCP: DhcpNameServer = 192.168.0.12 192.168.0.2
TCP: Interfaces\{66F21A65-FBE5-4A37-A3F9-37C8DC463698}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{8DDE1AE4-40D0-4487-B768-E11376EA5E9D}: NameServer = 8.26.56.26,156.154.70.22
.
- - - - NEPLATNÉ POLOŽKY ODSTRANÌNÉ Z REGISTRU - - - -
.
BHO-{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - (no file)
BHO-{7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Driver Genius - (no file)
AddRemove-5513-1208-7298-9440 - c:\program files (x86)\JDownloader\JDUninstall.exe
AddRemove-Bigfoot Networks LagMeter - c:\program files (x86)\Bigfoot Networks\LagMeter\uninstall.exe
AddRemove-Darksiders II_is1 - g:\darksiders ii\unins000.exe
AddRemove-DefaultTab - c:\users\Psyhcodelic\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe
AddRemove-XUS PC Lock Ultimate Edition(x32 & x64)_is1 - c:\program files (x86)\Xussoft\XUS PC Lock\unins000.exe
AddRemove-Youtube Music Downloader_is1 - c:\youtubemusicdownloader\unins000.exe
AddRemove-YouTube Video Downloader_is1 - c:\program files (x86)\Tomabo\YouTube Video Downloader\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍÈE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový èas: 2013-06-11 21:15:29 - poèítaè byl restartován
ComboFix-quarantined-files.txt 2013-06-11 19:15
.
Pøed spuštìním: Volných bajtù: 45 660 168 192
Po spuštìní: Volných bajtù: 46 793 605 120
.
- - End Of File - - 68BDA19A6D6F087B0D5FE60D93F2D8B1
A36C5E4F47E84449FF07ED3517B43A31

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

A ja mezitim napisu docistovaci skript