Desktop PC just a little dirty.. please clean it up

Posted: 03 Jul 2013 10:12
by Real
Good day from Great Britain.. the weather is very nice here today... I don't know how it is in the Czech Republic :?:
I'm looking at the processes... I'm seeing some stjir.exe for the first time,,, I'm not 100% sure, but explorer froze and avast reported a virus, and I tried to kill it by ending the process, but it keeps starting up again
Also, a register optimizer pops up after every startup, and it's not that it is set to do that, I checked...
and finally, this morning a different home page than Google came up in all my browsers..
The computer takes longer and longer to start... On the other hand, in Windows it maybe seems even faster, but I'm probably just imagining that :lol:
I ask any advisor to please take a look at my log... thanks

Logfile of random's system information tool 1.09 (written by random/random)
Run by ADMIN at 2013-07-03 10:10:40
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 716 GB (75%) free of 954 GB
Total RAM: 3839 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:11:04 AM, on 7/3/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Mobile App Sync\D2MClient.exe
C:\Users\ADMIN\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Users\ADMIN\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\uzit+\chrome-win32\chrome.exe
C:\Program Files\trend micro\ADMIN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.sweetpacks.com/?src=10& ... 2C80139263}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.sweetpacks.com/?src=10& ... 2C80139263}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\New folder\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\New folder\bin\jp2ssv.dll
O2 - BHO: Updater By Sweetpacks Helper - {DEDAF650-12B8-48f5-A843-BBA100716106} - C:\Program Files\Updater By Sweetpacks\Extension32.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MobileAppSync] "C:\Program Files (x86)\Mobile App Sync\D2MClient.exe"
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\ADMIN\AppData\Roaming\WebCake\WebCakeDesktop.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SearchProtection] "C:\Users\ADMIN\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2424735532-840248378-3633617618-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2424735532-840248378-3633617618-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater By Sweetpacks - Unknown owner - C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10579 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\dmwu.exe
"C:\ProgramData\MobileBrServ\mbbservice.exe" -service
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Mobile App Sync\D2MClient.exe"
"C:\Users\ADMIN\AppData\Roaming\WebCake\WebCakeDesktop.exe"
"C:\Users\ADMIN\AppData\Roaming\Search Protection\SearchProtection.exe" /autostart
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe" "C:\Users\ADMIN\AppData\Roaming\WebCake\WebCakeDesktop.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 1444
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c0f74ecb-432a-45aa-8e9a-06c291300901 -SystemEventPortName:HostProcess-ef012778-8392-47bc-8152-439afc7a4113 -IoCancelEventPortName:HostProcess-c74a5de2-057e-4393-8559-2c3b0c839d2d -NonStateChangingEventPortName:HostProcess-bf6c3ce8-d82d-4ee5-9cfd-fbc52ef0bf1b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fcb5268d-afb4-4267-a5e1-3f6e29df6597 -DeviceGroupId:WpdFsGroup
"C:\Windows\SysWOW64\jmdp\stij.exe"
"C:\uzit+\chrome-win32\chrome.exe"
"C:\uzit+\chrome-win32\chrome.exe" --type=gpu-process --channel="4848.0.1466366482\706938394" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,8,19,21 --gpu-vendor-id=0x10de --gpu-device-id=0x084b --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2018 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\System32\svchost.exe -k secsvcs
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=CacheSensitivityAnalysis/No/ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderControl/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLoggedInPredictor/Enabled/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --disable-html-notifications --channel="4848.4.1157928658\262803524" /prefetch:673131151
"C:\uzit+\chrome-win32\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll" --lang=en-US --channel="4848.5.2077798813\649419520" /prefetch:-390060480
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=CacheSensitivityAnalysis/No/ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderControl/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLoggedInPredictor/Enabled/SpdyCwnd/cwndMin16/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --disable-html-notifications --channel="4848.8.2087215579\179543988" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 5F2DBFD0-F66D-F104-BCF3-44D08EB4B69B -Reinvoke
"C:\Users\ADMIN\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Registry Optimizer_DEFAULT.job
C:\Windows\tasks\Registry Optimizer_UPDATES.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-06 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-06-25 254032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}]
Updater By Sweetpacks - C:\Program Files\Updater By Sweetpacks\Extension64.dll [2013-05-29 211288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]
WebCake - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll [2013-06-07 197912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\New folder\bin\ssv.dll [2013-04-21 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-06 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-25 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\New folder\bin\jp2ssv.dll [2013-04-21 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}]
Updater By Sweetpacks - C:\Program Files\Updater By Sweetpacks\Extension32.dll [2013-05-29 169304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30 1309456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-06 1497560]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-06-25 254032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-06 1224568]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-25 192592]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-05-30 1309456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"MobileAppSync"=C:\Program Files (x86)\Mobile App Sync\D2MClient.exe [2013-05-14 312320]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"WebCake Desktop"=C:\Users\ADMIN\AppData\Roaming\WebCake\WebCakeDesktop.exe [2013-06-07 47896]
"uTorrent"=C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe [2013-06-22 1045072]
"SearchProtection"=C:\Users\ADMIN\AppData\Roaming\Search Protection\SearchProtection.EXE [2013-05-22 740712]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-04-12 39408]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-06-28 3093624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
C:\Program Files (x86)\Zemi Interactive\4StoryUS\PrePatch.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-06-06 1641896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-04-12 39408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-06 4767304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-03 10:10:40 ----D---- C:\rsit
2013-07-03 10:10:40 ----D---- C:\Program Files\trend micro
2013-07-01 19:53:14 ----D---- C:\Program Files (x86)\Guild Wars 2
2013-06-30 12:08:27 ----D---- C:\Program Files\Updater By Sweetpacks
2013-06-30 12:08:12 ----D---- C:\Program Files (x86)\SweetIM
2013-06-30 12:07:46 ----D---- C:\Windows\SYSWOW64\jmdp
2013-06-30 12:07:46 ----D---- C:\Windows\SYSWOW64\ARFC
2013-06-30 12:07:46 ----A---- C:\Windows\system32\ImHttpComm.dll
2013-06-30 12:07:46 ----A---- C:\Windows\system32\dmwu.exe
2013-06-30 12:07:45 ----D---- C:\Windows\SYSWOW64\WNLT
2013-06-30 12:07:08 ----D---- C:\Program Files (x86)\TornTV.com
2013-06-28 21:10:26 ----D---- C:\ProgramData\PMB Files
2013-06-28 21:08:19 ----D---- C:\Program Files (x86)\NCSoft
2013-06-28 21:07:22 ----D---- C:\hbngv
2013-06-24 03:01:38 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-06-24 03:01:38 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-06-24 03:01:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-06-24 03:01:38 ----A---- C:\Windows\system32\iesetup.dll
2013-06-24 03:01:38 ----A---- C:\Windows\system32\iernonce.dll
2013-06-24 03:01:38 ----A---- C:\Windows\system32\ie4uinit.exe
2013-06-24 03:01:37 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-06-24 03:01:37 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-06-24 03:01:37 ----A---- C:\Windows\system32\iesysprep.dll
2013-06-24 03:01:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-06-24 03:01:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-06-24 03:01:35 ----A---- C:\Windows\system32\msfeeds.dll
2013-06-24 03:01:35 ----A---- C:\Windows\system32\jscript.dll
2013-06-24 03:01:34 ----A---- C:\Windows\system32\jscript9.dll
2013-06-24 03:01:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-06-24 03:01:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-06-24 03:01:31 ----A---- C:\Windows\system32\jsproxy.dll
2013-06-24 03:01:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-06-24 03:01:30 ----A---- C:\Windows\system32\wininet.dll
2013-06-24 03:01:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-06-24 03:00:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-06-24 03:00:59 ----A---- C:\Windows\system32\urlmon.dll
2013-06-24 03:00:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-06-24 03:00:58 ----A---- C:\Windows\system32\iertutil.dll
2013-06-24 03:00:57 ----A---- C:\Windows\system32\ieui.dll
2013-06-24 03:00:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-06-24 03:00:55 ----A---- C:\Windows\system32\ieframe.dll
2013-06-24 03:00:52 ----A---- C:\Windows\system32\mshtml.dll
2013-06-24 03:00:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-06-23 23:52:39 ----D---- C:\drop
2013-06-23 15:31:34 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-06-23 15:31:34 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-06-23 11:42:33 ----A---- C:\Windows\SYSWOW64\npptNT2.sys
2013-06-23 11:38:12 ----D---- C:\Program Files (x86)\Lineage II
2013-06-23 10:23:34 ----D---- C:\onga sys
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\url.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-06-23 03:04:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\wextract.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\webcheck.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\vbscript.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\url.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\pngfilt.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\occache.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\msrating.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\msls31.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\mshtmler.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\mshtmled.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\mshta.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\msfeedssync.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\licmgr10.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\inseng.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\imgutil.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\iexpress.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\ieUnatt.exe
2013-06-23 03:04:00 ----A---- C:\Windows\system32\iepeers.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\iedkcs32.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\ieapfltr.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\ieapfltr.dat
2013-06-23 03:04:00 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\icardie.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\elshyph.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\dxtrans.dll
2013-06-23 03:04:00 ----A---- C:\Windows\system32\dxtmsft.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-23 03:02:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-23 03:02:55 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-06-23 03:02:55 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-06-23 03:02:55 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-06-23 03:02:55 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-06-23 03:02:55 ----A---- C:\Windows\system32\XpsPrint.dll
2013-06-23 03:02:55 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-06-23 03:02:55 ----A---- C:\Windows\system32\WMPhoto.dll
2013-06-23 03:02:55 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-06-23 03:02:54 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\UIAnimation.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\FntCache.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\dxgi.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\DWrite.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10warp.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10level9.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10core.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10_1.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d3d10.dll
2013-06-23 03:02:54 ----A---- C:\Windows\system32\d2d1.dll
2013-06-22 23:48:50 ----D---- C:\l2 zaloha
2013-06-22 19:27:25 ----D---- C:\Users\ADMIN\AppData\Roaming\Search Protection
2013-06-22 19:27:15 ----D---- C:\Users\ADMIN\AppData\Roaming\Nico Mak Computing
2013-06-22 19:27:09 ----A---- C:\Windows\system32\roboot64.exe
2013-06-22 19:27:06 ----D---- C:\Program Files (x86)\WinZip Registry Optimizer
2013-06-22 19:26:18 ----D---- C:\Users\ADMIN\AppData\Roaming\uTorrent
2013-06-13 20:11:17 ----D---- C:\l2 sys
2013-06-12 19:11:41 ----SHD---- C:\ProgramData\SecuROM
2013-06-12 19:08:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-06-12 19:06:53 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-06-12 19:06:53 ----A---- C:\Windows\system32\win32spl.dll
2013-06-12 19:06:45 ----A---- C:\Windows\system32\cryptdlg.dll
2013-06-12 19:06:44 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-06-12 19:04:07 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-06-12 19:04:07 ----A---- C:\Windows\system32\crypt32.dll
2013-06-12 19:04:07 ----A---- C:\Windows\system32\certutil.exe
2013-06-12 19:04:06 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-06-12 19:04:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-06-12 19:04:06 ----A---- C:\Windows\system32\cryptsvc.dll
2013-06-12 19:04:06 ----A---- C:\Windows\system32\cryptnet.dll
2013-06-12 19:04:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-06-12 19:04:05 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-06-12 19:04:05 ----A---- C:\Windows\system32\certenc.dll
2013-06-12 19:03:05 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-06-12 19:03:05 ----A---- C:\Windows\system32\d3d11.dll
2013-06-11 20:08:43 ----D---- C:\gamigo
2013-06-11 19:41:31 ----D---- C:\Program Files (x86)\Rockstar Games
2013-06-11 18:11:34 ----D---- C:\Users\ADMIN\AppData\Roaming\GetRightToGo
2013-06-11 17:03:35 ----D---- C:\Users\ADMIN\AppData\Roaming\mysearchdial
2013-06-11 17:03:15 ----D---- C:\Users\ADMIN\AppData\Roaming\WebCake
2013-06-11 17:03:15 ----D---- C:\Program Files (x86)\WebCake
2013-06-11 17:02:59 ----D---- C:\Users\ADMIN\AppData\Roaming\Mozilla
2013-06-11 16:45:08 ----D---- C:\gta4 crack
2013-06-06 21:08:42 ----D---- C:\Users\ADMIN\AppData\Roaming\SynthMaker
2013-06-06 00:54:57 ----A---- C:\Windows\system32\MRT.exe
2013-06-06 00:21:15 ----A---- C:\Windows\system32\nvhdap64.dll
2013-06-06 00:21:15 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-06-06 00:21:14 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-06-06 00:21:14 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-06-06 00:21:14 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-06-06 00:21:14 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-06-06 00:21:14 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-06-06 00:21:14 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-06-06 00:21:14 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-06-06 00:21:14 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvopencl.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvoglv64.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\NvIFR64.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\NvFBC64.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvdispgenco6432018.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvdispco6432018.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvcuvid.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvcuda.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\nvapo64v.dll
2013-06-06 00:21:14 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-06-06 00:21:13 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-06-06 00:21:13 ----A---- C:\Windows\system32\nvcompiler.dll
2013-06-05 23:43:51 ----D---- C:\Users\ADMIN\AppData\Roaming\StarDrive
2013-06-05 23:15:04 ----D---- C:\Program Files (x86)\Microsoft XNA
2013-06-05 22:20:54 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2013-06-05 22:17:00 ----D---- C:\Windows\SYSWOW64\xlive
2013-06-05 22:16:59 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

======List of files/folders modified in the last 1 month======

2013-07-03 10:11:03 ----D---- C:\Windows\Prefetch
2013-07-03 10:10:40 ----RD---- C:\Program Files
2013-07-03 10:10:40 ----D---- C:\Windows\Temp
2013-07-03 09:48:37 ----D---- C:\Windows\System32
2013-07-03 09:48:37 ----D---- C:\Windows\inf
2013-07-03 09:48:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-03 09:44:46 ----D---- C:\Windows\system32\Tasks
2013-07-03 09:41:58 ----D---- C:\ProgramData\NVIDIA
2013-07-03 00:22:42 ----D---- C:\Windows\system32\config
2013-07-02 19:10:43 ----SHD---- C:\System Volume Information
2013-07-01 23:44:54 ----D---- C:\Program Files (x86)\Steam
2013-07-01 22:29:07 ----D---- C:\Windows\SysWOW64
2013-07-01 22:21:30 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-01 19:53:14 ----RD---- C:\Program Files (x86)
2013-07-01 19:11:15 ----D---- C:\Windows\system32\drivers
2013-06-30 22:57:16 ----D---- C:\Windows\system32\catroot2
2013-06-30 22:56:28 ----D---- C:\Windows\system32\appmgmt
2013-06-30 22:56:27 ----SHD---- C:\Windows\Installer
2013-06-30 12:07:47 ----D---- C:\Windows\system32\catroot
2013-06-28 21:10:26 ----HD---- C:\ProgramData
2013-06-28 21:10:21 ----D---- C:\Program Files (x86)\Pando Networks
2013-06-25 03:17:15 ----D---- C:\Windows\winsxs
2013-06-24 03:17:15 ----D---- C:\Program Files\Internet Explorer
2013-06-24 03:17:15 ----D---- C:\Program Files (x86)\Internet Explorer
2013-06-23 04:01:27 ----D---- C:\Windows\rescache
2013-06-23 03:21:38 ----D---- C:\Windows\SYSWOW64\migration
2013-06-23 03:21:38 ----D---- C:\Windows\SYSWOW64\en-US
2013-06-23 03:21:36 ----D---- C:\Windows\system32\migration
2013-06-23 03:21:36 ----D---- C:\Windows\system32\en-US
2013-06-23 03:21:36 ----D---- C:\Windows\PolicyDefinitions
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\it-IT
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\es-ES
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\el-GR
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\de-DE
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\da-DK
2013-06-23 03:21:33 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-06-23 03:21:33 ----D---- C:\Windows\system32\pt-PT
2013-06-23 03:21:33 ----D---- C:\Windows\system32\pt-BR
2013-06-23 03:21:33 ----D---- C:\Windows\system32\pl-PL
2013-06-23 03:21:33 ----D---- C:\Windows\system32\ko-KR
2013-06-23 03:21:33 ----D---- C:\Windows\system32\it-IT
2013-06-23 03:21:32 ----D---- C:\Windows\system32\zh-TW
2013-06-23 03:21:32 ----D---- C:\Windows\system32\zh-HK
2013-06-23 03:21:32 ----D---- C:\Windows\system32\zh-CN
2013-06-23 03:21:32 ----D---- C:\Windows\system32\tr-TR
2013-06-23 03:21:32 ----D---- C:\Windows\system32\sv-SE
2013-06-23 03:21:32 ----D---- C:\Windows\system32\nl-NL
2013-06-23 03:21:32 ----D---- C:\Windows\system32\ja-JP
2013-06-23 03:21:32 ----D---- C:\Windows\system32\hu-HU
2013-06-23 03:21:32 ----D---- C:\Windows\system32\fr-FR
2013-06-23 03:21:32 ----D---- C:\Windows\system32\fi-FI
2013-06-23 03:21:32 ----D---- C:\Windows\system32\es-ES
2013-06-23 03:21:32 ----D---- C:\Windows\system32\el-GR
2013-06-23 03:21:32 ----D---- C:\Windows\system32\de-DE
2013-06-23 03:21:32 ----D---- C:\Windows\system32\cs-CZ
2013-06-23 03:21:31 ----D---- C:\Windows\system32\ru-RU
2013-06-23 03:21:31 ----D---- C:\Windows\system32\nb-NO
2013-06-23 03:21:31 ----D---- C:\Windows\system32\da-DK
2013-06-23 03:06:13 ----D---- C:\Windows\Logs
2013-06-23 03:00:52 ----D---- C:\Windows
2013-06-22 19:29:09 ----D---- C:\Windows\system32\LogFiles
2013-06-22 19:27:29 ----D---- C:\Windows\Tasks
2013-06-17 03:13:38 ----RSD---- C:\Windows\assembly
2013-06-17 03:13:38 ----D---- C:\Windows\Microsoft.NET
2013-06-17 03:03:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-06-16 18:31:24 ----D---- C:\Program Files (x86)\Diablo III
2013-06-12 19:40:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-12 19:06:40 ----SD---- C:\ProgramData\Microsoft
2013-06-11 17:03:15 ----D---- C:\ProgramData\Tarma Installer
2013-06-11 16:28:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-06-11 16:10:31 ----SD---- C:\Users\ADMIN\AppData\Roaming\Microsoft
2013-06-06 00:55:04 ----D---- C:\Windows\debug
2013-06-06 00:23:50 ----D---- C:\Windows\system32\DriverStore
2013-06-06 00:23:20 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-06 65336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-06 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-06 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-06 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-06 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-13 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-06 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-06 178624]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-06 45248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2013-06-12 1495856]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-06-28 233344]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-05-12 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-05-12 413472]
R2 Updater By Sweetpacks;Updater By Sweetpacks; C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe [2013-05-29 188760]
R2 WebCake Desktop Updater;WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [2013-06-07 23552]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-12 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-12 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-12 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-05-20 5086240]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-06 543656]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Desktop PC just a bit dirty.. please clean it up

Posted: 03 Jul 2013 10:18
by Márty84
Hello :)

:???: And will you finish it this time?

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Search and the program will start working.
When it finishes, it will spit out a log (if not, you will find it at C:\AdwCleaner[R?].txt ); copy that here for me.

Re: Desktop PC just a bit dirty.. please clean it up

Posted: 03 Jul 2013 10:25
by Real
:oops:

yeah, I swear...

# AdwCleaner v2.303 - Logfile created 07/03/2013 at 10:22:43
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : ADMIN - ADMIN-PC
# Boot Mode : Normal
# Running from : C:\Users\ADMIN\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : IBUpdaterService
Found : WebCake Desktop Updater

***** [Files / Folders] *****

File Found : C:\Users\Public\Desktop\MySearchDial.url
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\Program Files (x86)\TornTV.com
Folder Found : C:\Program Files (x86)\WebCake
Folder Found : C:\Program Files (x86)\WinZip Registry Optimizer
Folder Found : C:\Program Files\Updater By SweetPacks
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\ADMIN\AppData\Local\Bundled software uninstaller
Folder Found : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Folder Found : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found : C:\Users\ADMIN\AppData\Local\PutLockerDownloader
Folder Found : C:\Users\ADMIN\AppData\LocalLow\Delta
Folder Found : C:\Users\ADMIN\AppData\Roaming\Babylon
Folder Found : C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found : C:\Users\ADMIN\AppData\Roaming\Mysearchdial
Folder Found : C:\Users\ADMIN\AppData\Roaming\search protection
Folder Found : C:\Users\ADMIN\AppData\Roaming\WebCake
Folder Found : C:\Windows\SysWOW64\WNLT

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\mysearchdial
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\WNLT
Key Found : HKCU\Software\596dddbb334ed10
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Key Found : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Found : HKLM\Software\Supreme Savings
Key Found : HKLM\SOFTWARE\Wow6432Node\596dddbb334ed10
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-2424735532-840248378-3633617618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-2424735532-840248378-3633617618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10059&barid={468C8E40-E175-11E2-AC3E-582C80139263}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www.delta-search.com/?affID=120519&tt=g ... 2C80139263
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10059&barid={468C8E40-E175-11E2-AC3E-582C80139263}

-\\ Google Chrome v27.0.1453.116

File : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.35] : icon_url ="encodings": "UTF-8", "hxxp://home.sweetpacks.com/favicon.ico", "id": "104", "instant_url": "", "keyword": "mysearch.sweetpacks.com", "name": "Sweetpacks", "prepopulate_id": "0", "search_terms_replacement_key": "", "search_url": "hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid={468C8E40-E175-11E2-AC3E-582C80139263}&crg=3.5000006.10059&st=23", "suggest_url": ""
Found [l.2218] : homepage = "hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10059&barid={468C8E40-E175-11E2-AC3E-582C80139263}", "homepage_is_newtabpage": false,
Found [l.2404] : urls_to_restore_on_startup = [ "hxxp://uk.search.yahoo.com?type=512435&fr=spigot-yhp-ch", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtAyBzztC0AtN0D0Tzu0CyDtBzztN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=325290780&ir=", "hxxp://www.delta-search.com/?affID=120519&tt=g ... 2C80139263" ]

-\\ Chromium v28.0.1483.0

File : C:\Users\ADMIN\AppData\Local\Chromium\User Data\Default\Preferences

Found [l.29] : icon_url = "hxxp://home.sweetpacks.com/favicon.ico",
Found [l.32] : keyword = "mysearch.sweetpacks.com",
Found [l.36] : search_url = "hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid={468C8E40-E175-11E2-AC3E-582C80139263}&crg=3.5000006.10059&st=23",
Found [l.2520] : urls_to_restore_on_startup = [ "hxxp://mysearch.sweetpacks.com/?barid={468C8E40-E175-11E2-AC3E-582C80139263}&src=10&crg=3.5000006.10059&st=23", "hxxp://www.google.co.uk/" ]

*************************

AdwCleaner[R1].txt - [11930 octets] - [03/07/2013 10:22:43]

########## EOF - C:\AdwCleaner[R1].txt - [11991 octets] ##########

Re: Desktop PC just a little dirty.. please help clean it

Posted: 03 Jul 2013 10:30
by Márty84
Well, we'll see :D

:arrow: Close all programs again and run AdwCleaner as administrator.
This time click Delete
The program will start working (the PC may restart) and will spit out another log (otherwise it will be here: C:\AdwCleaner [S1].txt ). Copy it here for me again.

Re: Desktop PC just a little dirty.. please help clean it

Posted: 03 Jul 2013 10:44
by Real
# AdwCleaner v2.303 - Logfile created 07/03/2013 at 10:40:25
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : ADMIN - ADMIN-PC
# Boot Mode : Normal
# Running from : C:\Users\ADMIN\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : IBUpdaterService
Stopped & Deleted : WebCake Desktop Updater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Updater By SweetPacks
File Deleted : C:\Users\Public\Desktop\MySearchDial.url
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\WebCake
Folder Deleted : C:\Program Files (x86)\WinZip Registry Optimizer
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\ADMIN\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Folder Deleted : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\ADMIN\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\ADMIN\AppData\LocalLow\Delta
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Babylon
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Mysearchdial
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\search protection
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\WebCake
Folder Deleted : C:\Windows\SysWOW64\WNLT

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\596dddbb334ed10
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\Software\Supreme Savings
Key Deleted : HKLM\SOFTWARE\Wow6432Node\596dddbb334ed10
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10059&barid={468C8E40-E175-11E2-AC3E-582C80139263} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www.delta-search.com/?affID=120519&tt=g ... 2C80139263 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10059&barid={468C8E40-E175-11E2-AC3E-582C80139263} --> hxxp://www.google.com

-\\ Google Chrome v27.0.1453.116

File : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.35] : icon_url ="encodings": "UTF-8", "hxxp://home.sweetpacks.com/favicon.ico", "id": [...]
Deleted [l.2218] : homepage = "hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10059&barid={468C8E40-E17[...]
Deleted [l.2404] : urls_to_restore_on_startup = [ "hxxp://uk.search.yahoo.com?type=512435&fr=spigot-yhp-ch", "ht[...]

-\\ Chromium v28.0.1483.0

File : C:\Users\ADMIN\AppData\Local\Chromium\User Data\Default\Preferences

Deleted [l.29] : icon_url = "hxxp://home.sweetpacks.com/favicon.ico",
Deleted [l.32] : keyword = "mysearch.sweetpacks.com",
Deleted [l.36] : search_url = "hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid={468C8E40-E175-11E2-[...]
Deleted [l.2524] : urls_to_restore_on_startup = [ "hxxp://mysearch.sweetpacks.com/?barid={468C8E40-E175-11E2-AC3[...]

*************************

AdwCleaner[R1].txt - [12037 octets] - [03/07/2013 10:22:43]
AdwCleaner[R2].txt - [12098 octets] - [03/07/2013 10:40:13]
AdwCleaner[S1].txt - [11343 octets] - [03/07/2013 10:40:25]

########## EOF - C:\AdwCleaner[S1].txt - [11404 octets] ##########

Re: Desktop PC just a little dirty.. please help clean it

Posted: 03 Jul 2013 10:51
by Márty84
:arrow: Run a !!!full!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Don't delete anything beforehand; it occasionally produces false detections

Re: Desktop PC just a little dirty.. please help clean it

Posted: 03 Jul 2013 12:03
by Real
I did it in English, I hope full scan is the right choice.... it has been running for half an hour already, so that gives me time for an apology....
the reason I didn't finish the thread is.... that the laptop I was scanning ended up as a mouse pad... which weighs 0.8 kg, that was also its only advantage... I bought a desktop PC for 100 pounds, normally in a shop... I thought, such a powerful one, only 2 years old and so cheap??? hmmm only at home did I find out that it had no operating system... isn't that illegal??? I had to buy an original win7 from ebay and to be safe I downloaded a copy
done
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.03.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
ADMIN :: ADMIN-PC [administrator]

7/3/2013 11:14:58 AM
MBAM-log-2013-07-03 (12-05-03).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 426146
Time elapsed: 49 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 15
C:\$Recycle.Bin\S-1-5-21-2424735532-840248378-3633617618-1000\$RPCAN00\msxml4b.dll (Spyware.Agent) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-2424735532-840248378-3633617618-1000\$RPCAN00\msxml4c.dll (Trojan.Spy.Agent) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-2424735532-840248378-3633617618-1000\$RSPJ1MD\system\msxml4b.dll (Spyware.Agent) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-2424735532-840248378-3633617618-1000\$RSPJ1MD\system\msxml4c.dll (Trojan.Spy.Agent) -> No action taken.
C:\gta4 crack\ivPM [RELEASE] 1.0.0.0\ivPM.exe (Trojan.Delfiles) -> No action taken.
C:\onga sys\system\msxml4b.dll (Spyware.Agent) -> No action taken.
C:\onga sys\system\msxml4c.dll (Trojan.Spy.Agent) -> No action taken.
C:\Users\ADMIN\AppData\Local\Temp\DIQM\FlashPlayer_151\DomaIQ.exe (Adware.DomaIQ) -> No action taken.
C:\Users\ADMIN\AppData\Local\Temp\DIQM\FlashPlayer_151\DomaIQ10.exe (Adware.DomaIQ) -> No action taken.
C:\Users\ADMIN\AppData\Local\Temp\DIQM\FlashPlayer_151\exes.zip (Adware.DomaIQ) -> No action taken.
C:\Users\ADMIN\Downloads\1336636391_ivPMRELEASE1.0.0.0.rar (Trojan.Delfiles) -> No action taken.
C:\Users\ADMIN\Downloads\FlashPlayer_V.126226661c.exe (PUP.FakeFlash.Domaiq) -> No action taken.
C:\Users\ADMIN\Downloads\FlashPlayer_V.128863649c.exe (PUP.FakeFlash.Domaiq) -> No action taken.
C:\Users\ADMIN\Downloads\GFsystem_drop_spoil.rar (Spyware.Agent) -> No action taken.
C:\Users\ADMIN\Downloads\L2Anius_Updater.exe (Trojan.Downloader) -> No action taken.

(end)

Re: Desktop PC just a little dirty.. please help clean it

Posted: 03 Jul 2013 12:11
by Real
about drop and spoil, they wrote on the lineage 2 forum that it shows up as a virus but I don't need to worry

Re: Desktop PC just a little dirty.. please help clean it

Posted: 03 Jul 2013 12:24
by Márty84
Real wrote: about drop and spoil, they wrote on the lineage 2 forum that it shows up as a virus but I don't need to worry
And are you sure it is all right?

I recommend removing the findings, and if no problem arises, uninstall MBAM again.

I don't know whether it was illegal. If it was stated that it should come with an OS, it certainly was not all right. But now it doesn't matter anyway.

:!: If Avast shouts that it wants to open it in the sandbox, don't allow it! Choose the option Open normally
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to the desktop, right-click it and left-click Run as administrator.
A very short test will run and then the Scan button at the top right becomes available. Click it and another test will run.
When it finishes, click Report and the log will appear. Paste it here for me

Re: Desktop PC just a little dirty.. please help clean it

Posted: 04 Jul 2013 19:34
by Real
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.03.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
ADMIN :: ADMIN-PC [administrator]

7/3/2013 11:14:58 AM
mbam-log-2013-07-03 (11-14-58).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 426146
Time elapsed: 49 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 15
C:\Users\ADMIN\Downloads\FlashPlayer_V.126226661c.exe (PUP.FakeFlash.Domaiq) -> No action taken.
C:\Users\ADMIN\Downloads\FlashPlayer_V.128863649c.exe (PUP.FakeFlash.Domaiq) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-2424735532-840248378-3633617618-1000\$RPCAN00\msxml4b.dll (Spyware.Agent) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2424735532-840248378-3633617618-1000\$RPCAN00\msxml4c.dll (Trojan.Spy.Agent) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2424735532-840248378-3633617618-1000\$RSPJ1MD\system\msxml4b.dll (Spyware.Agent) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2424735532-840248378-3633617618-1000\$RSPJ1MD\system\msxml4c.dll (Trojan.Spy.Agent) -> Quarantined and deleted successfully.
C:\gta4 crack\ivPM [RELEASE] 1.0.0.0\ivPM.exe (Trojan.Delfiles) -> Quarantined and deleted successfully.
C:\onga sys\system\msxml4b.dll (Spyware.Agent) -> Quarantined and deleted successfully.
C:\onga sys\system\msxml4c.dll (Trojan.Spy.Agent) -> Quarantined and deleted successfully.
C:\Users\ADMIN\AppData\Local\Temp\DIQM\FlashPlayer_151\DomaIQ.exe (Adware.DomaIQ) -> Quarantined and deleted successfully.
C:\Users\ADMIN\AppData\Local\Temp\DIQM\FlashPlayer_151\DomaIQ10.exe (Adware.DomaIQ) -> Quarantined and deleted successfully.
C:\Users\ADMIN\AppData\Local\Temp\DIQM\FlashPlayer_151\exes.zip (Adware.DomaIQ) -> Quarantined and deleted successfully.
C:\Users\ADMIN\Downloads\1336636391_ivPMRELEASE1.0.0.0.rar (Trojan.Delfiles) -> Quarantined and deleted successfully.
C:\Users\ADMIN\Downloads\GFsystem_drop_spoil.rar (Spyware.Agent) -> Quarantined and deleted successfully.
C:\Users\ADMIN\Downloads\L2Anius_Updater.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

(end)

RogueKiller V8.6.2 [Jul 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : hxxp://www.adlice.com/forum/
Website : hxxp://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : ADMIN [Admin rights]
Mode : Scan -- Date : 07/04/2013 19:31:01
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] mbbService.exe -- C:\ProgramData\MobileBrServ\mbbservice.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SearchProtection ("C:\Users\ADMIN\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart [x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2424735532-840248378-3633617618-1000\[...]\Run : SearchProtection ("C:\Users\ADMIN\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart [x]) -> FOUND
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


::1 localhost
127.0.0.1 localhost
81.0.254.162 L2authd.Lineage2.com


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EARS-22Y5B1 ATA Device +++++
--- User ---
[MBR] 1316fe42fb9cd7315d5e0914a1c6773e
[BSP] f6bddce5e4fcafd7ec5a1100a93de828 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_07042013_193101.txt >>



I bet you already thought I wouldn't finish again... I just couldn't get to the PC any more, about 10 calves were born here.. and you are right, it doesn't matter, but I was just curious because I was somehow afraid to ask the locals...

Re: Desktop PC just a little dirty.. please help clean it

Posted: 04 Jul 2013 21:05
by Márty84
Real wrote: I bet you already thought I wouldn't finish again...
You would lose that bet. I would only start thinking that after a week, give or take :)


:arrow: Run RogueKiller as administrator again (if you haven't closed it yet, go straight to clicking Delete)
A very short test will run and then the Scan button at the top right becomes available. Click it and another test will run.
When it finishes, click Delete.
Then click Report and the log will appear. Paste it here for me.
Then click Fix Host and Report.
Another log will appear. Paste that one here for me too.

Re: Desktop PC just a little dirty.. please help clean it

Posted: 04 Jul 2013 21:17
by Real
RogueKiller V8.6.2 [Jul 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://www.adlice.com/forum/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : ADMIN [Práva správce]
Mód : Odebrat -- Datum : 07/04/2013 21:16:23
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] mbbService.exe -- C:\ProgramData\MobileBrServ\mbbservice.exe [7] -> KILLED [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SearchProtection ("C:\Users\ADMIN\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart [x]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-2424735532-840248378-3633617618-1000\[...]\Run : SearchProtection ("C:\Users\ADMIN\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart [x]) -> [0x2] The system cannot find the file specified.
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


::1 localhost
127.0.0.1 localhost
81.0.254.162 L2authd.Lineage2.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EARS-22Y5B1 ATA Device +++++
--- User ---
[MBR] 1316fe42fb9cd7315d5e0914a1c6773e
[BSP] f6bddce5e4fcafd7ec5a1100a93de828 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07042013_211623.txt >>
RKreport[0]_S_07042013_193101.txt


2.host
RogueKiller V8.6.2 [Jul 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://www.adlice.com/forum/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : ADMIN [Práva správce]
Mód : Oprava HOSTS -- Datum : 07/04/2013 21:18:18
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] mbbService.exe -- C:\ProgramData\MobileBrServ\mbbservice.exe [7] -> KILLED [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


::1 localhost
127.0.0.1 localhost
81.0.254.162 L2authd.Lineage2.com


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_07042013_211818.txt >>
RKreport[0]_D_07042013_211623.txt;RKreport[0]_S_07042013_193101.txt;RKreport[0]_S_07042013_211753.txt

Re: Desktop PC just a little dirty.. please help clean it

Posted: 04 Jul 2013 21:33
by Márty84
:!: If you haven't already, better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Right-click ComboFix and left-click Run as administrator
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, don't launch anything and don't click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located here: C:\ComboFix.txt
Copy its contents here

:!: If Windows doesn't boot after the restart, restart again, keep pressing F8 and choose - Last Known Good Configuration
:!: If Windows boots but an error is reported when launching programs, just restart the PC and it will be fine

Re: Desktop PC just a little dirty.. please help clean it

Posted: 04 Jul 2013 22:14
by Real
I had a little trouble with your link... the file that downloaded threw an error during copying and installation, I chose ignore and finished the installation but nothing happened.... so I typed combofix download into google.co.uk and the first page that came up was an updated combofix, but I had to rename it, otherwise it wouldn't let me continue, I know it's probably just a detail but I named it whatever

ComboFix 13-07-04.01 - ADMIN 07/04/2013 21:48:06.1.3 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3839.1740 [GMT 1:00]
Running from: c:\users\ADMIN\Downloads\whatever.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ADMIN\AppData\Local\assembly\tmp
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2013-06-04 to 2013-07-04 )))))))))))))))))))))))))))))))
.
.
2013-07-04 20:58 . 2013-07-04 20:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-07-04 20:58 . 2013-07-04 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-04 04:37 . 2013-07-04 04:37 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E60810AD-5593-4156-81CB-4481E0060D60}\offreg.dll
2013-07-03 10:12 . 2013-07-03 10:12 -------- d-----w- c:\users\ADMIN\AppData\Roaming\Malwarebytes
2013-07-03 10:12 . 2013-07-03 10:12 -------- d-----w- c:\programdata\Malwarebytes
2013-07-03 09:10 . 2013-07-03 09:11 -------- d-----w- C:\rsit
2013-07-03 09:10 . 2013-07-03 09:11 -------- d-----w- c:\program files\trend micro
2013-07-02 18:11 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E60810AD-5593-4156-81CB-4481E0060D60}\mpengine.dll
2013-07-01 18:53 . 2013-07-01 20:11 -------- d-----w- c:\program files (x86)\Guild Wars 2
2013-06-30 11:08 . 2013-07-03 09:42 -------- d-----w- c:\program files\Updater By Sweetpacks
2013-06-30 11:07 . 2013-06-30 11:07 -------- d-----w- c:\windows\SysWow64\jmdp
2013-06-30 11:07 . 2013-06-30 11:07 -------- d-----w- c:\windows\SysWow64\ARFC
2013-06-30 11:07 . 2013-06-12 08:27 1495856 ----a-w- c:\windows\system32\dmwu.exe
2013-06-30 11:07 . 2013-06-12 08:26 33792 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-06-28 20:10 . 2013-07-04 20:59 -------- d-----w- c:\users\ADMIN\AppData\Local\PMB Files
2013-06-28 20:10 . 2013-06-28 20:15 -------- d-----w- c:\programdata\PMB Files
2013-06-28 20:10 . 2013-06-28 20:10 -------- d-----w- c:\users\ADMIN\AppData\Local\Pando_Temp
2013-06-28 20:08 . 2013-07-04 20:54 -------- d-----w- c:\users\ADMIN\AppData\Local\assembly
2013-06-28 20:08 . 2013-07-01 21:21 -------- d-----w- c:\program files (x86)\NCSoft
2013-06-28 20:07 . 2013-06-28 20:07 -------- d-----w- C:\hbngv
2013-06-24 02:00 . 2013-06-08 14:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-06-24 02:00 . 2013-06-08 14:06 2648064 ----a-w- c:\windows\system32\iertutil.dll
2013-06-24 02:00 . 2013-06-08 14:06 526336 ----a-w- c:\windows\system32\ieui.dll
2013-06-24 02:00 . 2013-06-08 14:06 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-06-24 02:00 . 2013-06-08 14:07 19233792 ----a-w- c:\windows\system32\mshtml.dll
2013-06-23 22:52 . 2013-06-23 22:52 -------- d-----w- C:\drop
2013-06-23 14:31 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-23 14:31 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-23 10:42 . 2009-04-06 08:08 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys
2013-06-23 10:42 . 2009-04-06 08:08 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd
2013-06-23 10:38 . 2013-07-04 18:58 -------- d-----w- c:\program files (x86)\Lineage II
2013-06-23 09:23 . 2013-06-23 09:23 -------- d-----w- C:\onga sys
2013-06-23 02:02 . 2013-06-23 02:02 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-22 22:48 . 2013-06-22 22:49 -------- d-----w- C:\l2 zaloha
2013-06-22 18:27 . 2013-06-22 18:27 -------- d-----w- c:\users\ADMIN\AppData\Roaming\Nico Mak Computing
2013-06-22 18:27 . 2013-02-13 10:07 19840 ----a-w- c:\windows\system32\roboot64.exe
2013-06-22 18:26 . 2013-07-03 09:43 -------- d-----w- c:\users\ADMIN\AppData\Roaming\uTorrent
2013-06-13 19:11 . 2013-07-04 18:53 -------- d-----w- C:\l2 sys
2013-06-12 18:11 . 2013-06-12 18:11 -------- d-sh--w- c:\programdata\SecuROM
2013-06-12 18:08 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-12 18:06 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 18:06 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-12 18:06 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-12 18:06 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-12 18:04 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 18:04 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 18:04 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-12 18:04 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 18:04 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 18:04 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-12 18:04 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-12 18:04 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 18:04 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-12 18:04 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-12 18:03 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-12 18:03 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-11 19:08 . 2013-06-11 19:08 -------- d-----w- C:\gamigo
2013-06-11 18:41 . 2013-06-13 09:03 -------- d-----w- c:\program files (x86)\Rockstar Games
2013-06-11 17:11 . 2013-06-11 19:10 -------- d-----w- c:\users\ADMIN\AppData\Roaming\GetRightToGo
2013-06-11 15:45 . 2013-06-11 18:04 -------- d-----w- C:\gta4 crack
2013-06-06 20:08 . 2013-06-06 20:08 -------- d-----w- c:\users\ADMIN\AppData\Roaming\SynthMaker
2013-06-05 23:54 . 2013-06-13 02:03 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-05 22:43 . 2013-06-05 22:43 -------- d-----w- c:\users\ADMIN\AppData\Roaming\StarDrive
2013-06-05 22:15 . 2013-06-05 22:15 -------- d-----w- c:\program files (x86)\Microsoft XNA
2013-06-05 21:23 . 2013-06-12 17:51 -------- d-----w- c:\users\ADMIN\AppData\Local\Rockstar Games
2013-06-05 21:20 . 2013-06-05 21:20 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-06-05 21:17 . 2013-06-05 21:17 -------- d-----w- c:\windows\SysWow64\xlive
2013-06-05 21:16 . 2013-06-05 21:16 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 18:40 . 2013-04-24 16:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 18:40 . 2013-04-24 16:54 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 15:33 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2013-06-11 15:33 . 2009-08-18 10:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-20 19:39 . 2013-05-22 00:55 5086240 ----a-w- c:\windows\SysWow64\GameMon.des
2013-05-13 19:08 . 2013-04-12 20:38 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-05-12 21:42 . 2013-04-21 21:20 15910736 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-05-12 21:42 . 2013-04-21 21:20 12426216 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-05-12 21:42 . 2013-04-21 21:20 2935696 ----a-w- c:\windows\system32\nvapi64.dll
2013-05-12 21:42 . 2013-04-21 21:20 2597344 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-05-12 21:42 . 2013-04-19 02:01 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-05-12 21:42 . 2013-04-19 02:01 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-05-12 20:34 . 2013-05-13 18:31 6491936 ----a-w- c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-05-13 18:31 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-05-13 18:31 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-05-13 18:31 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-05-13 18:31 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-05-12 14:43 . 2013-05-12 14:43 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-05-02 01:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-21 14:13 . 2013-04-21 14:13 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-21 14:13 . 2013-04-21 14:13 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-21 14:13 . 2013-04-21 14:13 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-13 05:49 . 2013-05-16 02:50 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 02:50 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 02:50 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 02:50 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 02:50 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 02:50 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 17:11 . 2013-04-12 17:11 1156 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2013-04-12 14:45 . 2013-05-14 03:24 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 02:50 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 02:50 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 02:50 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"MobileAppSync"="c:\program files (x86)\Mobile App Sync\D2MClient.exe" [2013-05-14 312320]
"RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"uTorrent"="c:\users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe" [2013-06-22 1045072]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-04-12 39408]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-06-28 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\programdata\MobileBrServ\mbbservice.exe;c:\programdata\MobileBrServ\mbbservice.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 aswVmm;aswVmm; [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 Updater By Sweetpacks;Updater By Sweetpacks;c:\program files\Updater By Sweetpacks\ExtensionUpdaterService.exe;c:\program files\Updater By Sweetpacks\ExtensionUpdaterService.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-22 18:43 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-24 18:40]
.
2013-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-12 20:09]
.
2013-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-12 20:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{DEDAF650-12B8-48f5-A843-BBA100716106} - c:\program files\Updater By Sweetpacks\Extension32.dll
BHO-{DEDAF650-12B8-48f5-A843-BBA100716106} - c:\program files\Updater By Sweetpacks\Extension64.dll
AddRemove-WinZip Registry Optimizer_is1 - c:\program files (x86)\WinZip Registry Optimizer\unins000.exe
AddRemove-NCsoft-Lineage2 - c:\program files (x86)\NCSoft\Launcher\NCLauncher.exe
AddRemove-Search Protection - c:\users\ADMIN\AppData\Roaming\Search Protection\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2424735532-840248378-3633617618-1000\Software\SecuROM\License information*]
"datasecu"=hex:7a,f9,41,28,96,02,2a,c1,aa,fa,c3,9a,98,eb,44,6e,24,fa,c6,8d,47,
cc,06,ad,23,3e,32,84,95,92,33,5c,55,2f,b3,e3,0d,29,8b,61,52,a3,8c,07,d9,47,\
"rkeysecu"=hex:80,8d,ff,0c,26,c6,12,d7,fc,e4,18,e6,ae,73,bc,48
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-07-04 22:09:40
ComboFix-quarantined-files.txt 2013-07-04 21:09
.
Pre-Run: 762,041,049,088 bytes free
Post-Run: 762,427,310,080 bytes free
.
- - End Of File - - 2F00909DD99B024422F1CC1C69FBFECA
A36C5E4F47E84449FF07ED3517B43A31

Re: Desktop PC just a little dirty.. please clean it up

Posted: 05 Jul 2013 08:29
by Márty84
:arrow: I would uninstall Pando Media Booster (Pando Networks)


:arrow: Open Notepad and copy this script into it

Code:

KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=-
"uTorrent"=-
"swg"=-
"Pando Media Booster"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

Regnull::
[HKEY_USERS\S-1-5-21-2424735532-840248378-3633617618-1000\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
Updater By Sweetpacks
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, exactly, and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration
:!: If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine