VIRY.CZ

Ahoj, včera se mi začal nehorázně sekat pc, tady je výpis mohli by jste se na to prosím podívat

?

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dominik at 2014-03-20 20:42:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 134 GB (28%) free of 477 GB
Total RAM: 4061 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:42:44, on 20.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\My Lockbox\mylbx.exe
C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Dominik\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dominik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=3c ... 6&affilt=3
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: CrossriderApp0047220 - {11111111-1111-1111-1111-110411721120} - C:\Program Files (x86)\DP1815\DP1815-bho.dll
O2 - BHO: VideoPlayerV3beta155 - {5e071226-6121-4ce1-94b5-a95a92980e5f} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta155\ie\VideoPlayerV3beta155.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SerialTrunc - {e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - C:\Program Files (x86)\SerialTrunc\SerialTruncBHO.dll
O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [msagccfSrv] C:\Windows\inf\msagccf.vbe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CatalinaGroup Update] "C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Ubisoft register.lnk = C:\Program Files (x86)\Ubisoft\Register\schedule.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IMPI Updater - Unknown owner - C:\Program Files\IMPI\ExtensionUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SerialTrunc - Unknown owner - C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe
O23 - Service: Util SerialTrunc - Unknown owner - C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10724 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files\IMPI\ExtensionUpdaterService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2708
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 688
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Users\Dominik\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\AUDIODG.EXE 0x3cc
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely without Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-experimental-extension-apis --disable-accelerated-video-decode --enable-software-compositing --channel="1784.4.1789982912\426806404" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1784.6.91384875\518944240" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27,29 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1784.8.1052377674\426703499" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely without Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-experimental-extension-apis --disable-accelerated-video-decode --enable-software-compositing --channel="1784.14.292184653\827047943" /prefetch:673131151
C:\Windows\system32\sppsvc.exe
taskmgr.exe /3
"C:\Users\Dominik\Downloads\RSITx64.exe"
"C:\Windows\System32\osk.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\DP1815-enabler.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\Norton Security Scan for Dominik.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://search.ividi.org/?src=tbhp&id=3c ... 6&affilt=3"

"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@DotSpot_2k.com/Plugin]
"Description"=DotSpot Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@richmediaplayer.com/nppluginrichmediaplayer]
"Description"=
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npffividiplg.dll
nppluginrichmediaplayer.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\
2kffxtbr@DotSpot_2k.com
858a779a-4bec-47f4-ac06-ed86e2daad75@d82626c3-adcb-475b-b77d-9a1e67c4fd2a.com
battlefieldheroespatcher@ea.com
WebSiteRecommendation@weliketheweb.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\
improvedsearch.xml
ividi.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411721120}]
DP1815 - C:\Program Files (x86)\DP1815\DP1815-bho64.dll [2014-02-18 958464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-06 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-21 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-21 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411721120}]
DP1815 - C:\Program Files (x86)\DP1815\DP1815-bho.dll [2014-02-18 682496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e071226-6121-4ce1-94b5-a95a92980e5f}]
Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta155\ie\VideoPlayerV3beta155.dll [2014-01-07 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-21 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}]
ividi Helper Object - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll [2013-07-25 301464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-06 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll [2013-07-03 155928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e76b4f24-4a2f-4e65-ad36-e2aa934e547c}]
SerialTrunc - C:\Program Files (x86)\SerialTrunc\SerialTruncBHO.dll [2014-02-27 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-06 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-06 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2011-02-03 1898208]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13 472984]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-03-10 3588952]
"Google Update"=C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 136176]
"CatalinaGroup Update"=C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2014-01-06 147440]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-06 4767304]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-13 1758160]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []
"msagccfSrv"=C:\Windows\inf\msagccf.vbe []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736]

C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Ubisoft register.lnk - C:\Program Files (x86)\Ubisoft\Register\schedule.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-04-28 16:42:15 ----D---- C:\ProgramData\Razer
2014-04-28 16:42:15 ----D---- C:\Program Files (x86)\Razer
2014-03-20 20:37:32 ----D---- C:\rsit
2014-03-15 15:13:42 ----D---- C:\ProgramData\Codemasters
2014-03-13 18:40:40 ----D---- C:\Counter-Strike 1.6
2014-03-12 22:17:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-12 22:17:49 ----A---- C:\Windows\system32\msrating.dll
2014-03-12 22:17:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-12 22:17:47 ----A---- C:\Windows\system32\ieui.dll
2014-03-12 22:17:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-12 22:17:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-12 22:17:45 ----A---- C:\Windows\system32\iesetup.dll
2014-03-12 22:17:45 ----A---- C:\Windows\system32\iernonce.dll
2014-03-12 22:17:44 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-03-12 22:17:44 ----A---- C:\Windows\system32\iesysprep.dll
2014-03-12 22:17:44 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-12 22:17:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-12 22:17:41 ----A---- C:\Windows\system32\iertutil.dll
2014-03-12 22:17:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-12 22:17:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-12 22:17:38 ----A---- C:\Windows\system32\jscript.dll
2014-03-12 22:17:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-03-12 22:17:35 ----A---- C:\Windows\system32\jscript9.dll
2014-03-12 22:17:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-12 22:17:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-12 22:17:33 ----A---- C:\Windows\system32\urlmon.dll
2014-03-12 22:17:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-12 22:17:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-12 22:17:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-12 22:17:29 ----A---- C:\Windows\system32\wininet.dll
2014-03-12 22:17:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-12 22:17:24 ----A---- C:\Windows\system32\ieframe.dll
2014-03-12 22:17:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-12 22:17:19 ----A---- C:\Windows\system32\mshtml.dll
2014-03-12 06:36:13 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-12 06:36:11 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-12 06:36:11 ----A---- C:\Windows\system32\wer.dll
2014-03-12 06:36:08 ----A---- C:\Windows\system32\win32k.sys
2014-03-12 06:36:06 ----A---- C:\Windows\system32\qedit.dll
2014-03-12 06:36:05 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-12 06:36:04 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-12 06:36:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-09 17:43:19 ----D---- C:\ProgramData\TmForever
2014-03-09 17:39:27 ----D---- C:\Program Files (x86)\TmNationsForever
2014-02-27 16:35:05 ----D---- C:\Program Files (x86)\MediaViewV1
2014-02-26 07:22:10 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 1 month======

2014-04-28 16:44:12 ----D---- C:\Windows\system32\Tasks
2014-04-28 16:42:33 ----D---- C:\Windows\SysWOW64
2014-04-28 16:42:15 ----RD---- C:\Program Files (x86)
2014-04-28 16:42:15 ----D---- C:\ProgramData
2014-03-20 20:42:44 ----D---- C:\Windows\temp
2014-03-20 20:42:42 ----D---- C:\Program Files\trend micro
2014-03-20 20:37:38 ----D---- C:\Program Files (x86)\trend micro
2014-03-20 20:00:53 ----D---- C:\Program Files (x86)\Steam
2014-03-20 18:45:07 ----D---- C:\Windows\system32\config
2014-03-20 18:13:01 ----D---- C:\Program Files (x86)\DP1815
2014-03-20 17:31:14 ----D---- C:\Users\Dominik\AppData\Roaming\Skype
2014-03-20 13:47:01 ----D---- C:\Windows\System32
2014-03-20 13:47:01 ----D---- C:\Windows\inf
2014-03-20 13:47:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-20 13:41:49 ----D---- C:\Program Files (x86)\Origin
2014-03-20 06:52:59 ----SHD---- C:\Windows\Installer
2014-03-20 06:52:58 ----D---- C:\Config.Msi
2014-03-20 06:52:57 ----D---- C:\Users\Dominik\AppData\Roaming\Mozilla
2014-03-19 17:33:31 ----D---- C:\ProgramData\Origin
2014-03-18 22:00:55 ----D---- C:\ProgramData\Microsoft Help
2014-03-18 22:00:22 ----D---- C:\Windows\system32\MRT
2014-03-18 21:57:37 ----A---- C:\Windows\system32\MRT.exe
2014-03-18 21:57:19 ----SHD---- C:\System Volume Information
2014-03-16 07:31:28 ----D---- C:\Windows\system32\catroot2
2014-03-16 00:59:14 ----D---- C:\Users\Dominik\AppData\Roaming\uTorrent
2014-03-15 23:56:48 ----D---- C:\Users\Dominik\AppData\Roaming\vlc
2014-03-14 18:40:58 ----D---- C:\Program Files (x86)\SerialTrunc
2014-03-14 18:40:58 ----D---- C:\Program Files (x86)\Mobogenie
2014-03-14 17:48:38 ----D---- C:\Windows\Minidump
2014-03-14 17:48:32 ----D---- C:\Windows
2014-03-13 06:36:31 ----D---- C:\Windows\Tasks
2014-03-13 06:29:17 ----D---- C:\Windows\winsxs
2014-03-13 06:25:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 06:25:06 ----D---- C:\Program Files\Internet Explorer
2014-03-13 06:24:55 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 06:24:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 22:18:11 ----D---- C:\Windows\system32\catroot
2014-03-11 15:11:00 ----RD---- C:\Program Files (x86)\Skype
2014-03-11 15:10:53 ----D---- C:\ProgramData\Skype
2014-03-09 17:38:52 ----D---- C:\Windows\Prefetch
2014-03-07 12:11:20 ----D---- C:\Program Files (x86)\GoforFiles
2014-03-02 09:51:53 ----D---- C:\Users\Dominik\AppData\Roaming\My Battle for Middle-earth Files
2014-02-28 19:29:00 ----D---- C:\Windows\rescache
2014-02-28 06:48:14 ----D---- C:\Windows\Microsoft.NET
2014-02-27 16:36:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-27 16:35:53 ----HD---- C:\Windows\system32\GroupPolicy
2014-02-27 16:35:53 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-02-27 13:41:57 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-02-27 07:38:20 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-26 07:29:28 ----RSD---- C:\Windows\assembly
2014-02-26 07:22:58 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-26 07:22:58 ----D---- C:\Windows\system32\en-US
2014-02-26 07:22:10 ----SD---- C:\ProgramData\Microsoft
2014-02-25 15:11:37 ----D---- C:\Program Files (x86)\VNT
2014-02-21 18:15:43 ----D---- C:\Users\Dominik\AppData\Roaming\newnext.me

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-06 22600]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-06 65336]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-06 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-06 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-06 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-06 68920]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-21 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-06 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2011-06-23 1071032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-06 178624]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-01 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-01 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-01 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-01 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-01 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-01 158320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 68608]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 7168]
S4 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 89600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-06 45248]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 2224976]
R2 IMPI Updater;IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [2013-02-05 185856]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 377616]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-05 76888]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-02 2365792]
R2 Update SerialTrunc;Update SerialTrunc; C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe [2014-03-15 348960]
R2 Util SerialTrunc;Util SerialTrunc; C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe [2014-03-15 348960]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-13 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Jinak o nelegálních officech vím. Po výplatě se je pokusím koupit.

Zdravím!

Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v3.022 - Report created 20/03/2014 at 21:06:30
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dominik - DOMINIK-PC
# Running from : C:\Users\Dominik\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\goforfiles
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\Unitech LLC
Folder Deleted : C:\Program Files (x86)\VideoPlayerV3
Folder Deleted : C:\Program Files (x86)\DP1815
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Dominik\AppData\Local\b1e
Folder Deleted : C:\Users\Dominik\AppData\Local\genienext
Folder Deleted : C:\Users\Dominik\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Dominik\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Dominik\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Dominik\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Dominik\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Dominik\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Unitech LLC
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Dominik\Documents\Mobogenie
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\858a779a-4bec-47f4-ac06-ed86e2daad75@d82626c3-adcb-475b-b77d-9a1e67c4fd2a.com
File Deleted : C:\Users\Dominik\Desktop\Uninstall.exe
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\defaulttab.config
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\ividi.xml
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\user.js
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate
File Deleted : C:\Windows\Tasks\DP1815-enabler.job
File Deleted : C:\Windows\System32\Tasks\DP1815-enabler

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0047220.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411721120}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422722220}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455725520}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466726620}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444724420}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411721120}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2b49a489-2e5d-4e47-98af-f7c2784a2e01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77355f36-9350-44f8-bb9c-57a76ad695f0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a770bb1f-ca04-4bd9-bb26-44832f326125}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b3fd906c-e87e-4cd2-a54a-315d3fe2a3cb}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cf40afda-41ba-4405-8a1d-5732e3bc65e7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411721120}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422722220}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455725520}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466726620}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411721120}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2b49a489-2e5d-4e47-98af-f7c2784a2e01}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77355f36-9350-44f8-bb9c-57a76ad695f0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a770bb1f-ca04-4bd9-bb26-44832f326125}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b3fd906c-e87e-4cd2-a54a-315d3fe2a3cb}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cf40afda-41ba-4405-8a1d-5732e3bc65e7}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\Unitech LLC
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DP1815
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Unitech LLC
Key Deleted : HKLM\Software\DP1815
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GoforFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zulagames
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DP1815
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Mozilla Firefox v7.0.1 (cs)

[ File : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\prefs.js ]

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [28718 octets] - [21/10/2013 21:40:51]
AdwCleaner[R1].txt - [13335 octets] - [20/03/2014 21:03:38]
AdwCleaner[S0].txt - [28934 octets] - [21/10/2013 21:41:47]
AdwCleaner[S1].txt - [10626 octets] - [20/03/2014 21:06:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10687 octets]

Dejte nový log RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dominik at 2014-03-20 22:01:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 133 GB (28%) free of 477 GB
Total RAM: 4061 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:49, on 20.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\My Lockbox\mylbx.exe
C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Dominik\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dominik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=3c ... 6&affilt=3
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: VideoPlayerV3beta155 - {5e071226-6121-4ce1-94b5-a95a92980e5f} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta155\ie\VideoPlayerV3beta155.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SerialTrunc - {e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - C:\Program Files (x86)\SerialTrunc\SerialTruncBHO.dll
O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKLM\..\Run: [msagccfSrv] C:\Windows\inf\msagccf.vbe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CatalinaGroup Update] "C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Ubisoft register.lnk = C:\Program Files (x86)\Ubisoft\Register\schedule.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IMPI Updater - Unknown owner - C:\Program Files\IMPI\ExtensionUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SerialTrunc - Unknown owner - C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe
O23 - Service: Util SerialTrunc - Unknown owner - C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9680 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IMPI\ExtensionUpdaterService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:1760
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe"
"C:\Users\Dominik\AppData\Local\VNT\vntldr.exe" /EXEC
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 3056
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\AUDIODG.EXE 0x668
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4660.0.1936278830\1946683178" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely without Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-experimental-extension-apis --disable-accelerated-video-decode --enable-software-compositing --channel="4660.8.580319126\844756105" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4660.9.1070978889\409844948" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely without Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-experimental-extension-apis --disable-accelerated-video-decode --enable-software-compositing --channel="4660.11.1912873231\2088609539" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely without Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-experimental-extension-apis --disable-accelerated-video-decode --enable-software-compositing --channel="4660.12.598359099\1953015909" /prefetch:673131151
"C:\Users\Dominik\Downloads\RSITx64.exe"
"C:\Windows\System32\osk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\Norton Security Scan for Dominik.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://search.ividi.org/?src=tbhp&id=3c ... 6&affilt=3"

"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@DotSpot_2k.com/Plugin]
"Description"=DotSpot Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@richmediaplayer.com/nppluginrichmediaplayer]
"Description"=
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npffividiplg.dll
nppluginrichmediaplayer.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\
2kffxtbr@DotSpot_2k.com
battlefieldheroespatcher@ea.com
WebSiteRecommendation@weliketheweb.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\
improvedsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-03-20 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-21 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-21 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e071226-6121-4ce1-94b5-a95a92980e5f}]
Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta155\ie\VideoPlayerV3beta155.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-21 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}]
ividi Helper Object - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e76b4f24-4a2f-4e65-ad36-e2aa934e547c}]
SerialTrunc - C:\Program Files (x86)\SerialTrunc\SerialTruncBHO.dll [2014-02-27 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-03-20 724512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2011-02-03 1898208]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13 472984]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-03-10 3588952]
"Google Update"=C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 136176]
"CatalinaGroup Update"=C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2014-01-06 147440]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
"msagccfSrv"=C:\Windows\inf\msagccf.vbe []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-03-06 4767304]

C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Ubisoft register.lnk - C:\Program Files (x86)\Ubisoft\Register\schedule.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-04-28 16:42:15 ----D---- C:\ProgramData\Razer
2014-04-28 16:42:15 ----D---- C:\Program Files (x86)\Razer
2014-03-20 21:59:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-03-20 21:59:22 ----A---- C:\Windows\avastSS.scr
2014-03-20 20:37:32 ----D---- C:\rsit
2014-03-15 15:13:42 ----D---- C:\ProgramData\Codemasters
2014-03-13 18:40:40 ----D---- C:\Counter-Strike 1.6
2014-03-12 22:17:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-12 22:17:49 ----A---- C:\Windows\system32\msrating.dll
2014-03-12 22:17:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-12 22:17:47 ----A---- C:\Windows\system32\ieui.dll
2014-03-12 22:17:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-12 22:17:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-12 22:17:45 ----A---- C:\Windows\system32\iesetup.dll
2014-03-12 22:17:45 ----A---- C:\Windows\system32\iernonce.dll
2014-03-12 22:17:44 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-03-12 22:17:44 ----A---- C:\Windows\system32\iesysprep.dll
2014-03-12 22:17:44 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-12 22:17:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-12 22:17:41 ----A---- C:\Windows\system32\iertutil.dll
2014-03-12 22:17:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-12 22:17:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-12 22:17:38 ----A---- C:\Windows\system32\jscript.dll
2014-03-12 22:17:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-03-12 22:17:35 ----A---- C:\Windows\system32\jscript9.dll
2014-03-12 22:17:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-12 22:17:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-12 22:17:33 ----A---- C:\Windows\system32\urlmon.dll
2014-03-12 22:17:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-12 22:17:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-12 22:17:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-12 22:17:29 ----A---- C:\Windows\system32\wininet.dll
2014-03-12 22:17:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-12 22:17:24 ----A---- C:\Windows\system32\ieframe.dll
2014-03-12 22:17:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-12 22:17:19 ----A---- C:\Windows\system32\mshtml.dll
2014-03-12 06:36:13 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-12 06:36:11 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-12 06:36:11 ----A---- C:\Windows\system32\wer.dll
2014-03-12 06:36:08 ----A---- C:\Windows\system32\win32k.sys
2014-03-12 06:36:06 ----A---- C:\Windows\system32\qedit.dll
2014-03-12 06:36:05 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-12 06:36:04 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-12 06:36:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-09 17:43:19 ----D---- C:\ProgramData\TmForever
2014-03-09 17:39:27 ----D---- C:\Program Files (x86)\TmNationsForever
2014-02-27 16:35:05 ----D---- C:\Program Files (x86)\MediaViewV1
2014-02-26 07:22:10 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 1 month======

2014-03-20 22:01:48 ----D---- C:\Windows\temp
2014-03-20 22:01:47 ----D---- C:\Program Files\trend micro
2014-03-20 22:00:02 ----D---- C:\Windows\system32\drivers
2014-03-20 21:59:51 ----D---- C:\Windows\system32\Tasks
2014-03-20 21:59:34 ----D---- C:\Windows\winsxs
2014-03-20 21:59:25 ----D---- C:\Windows
2014-03-20 21:59:23 ----A---- C:\Windows\system32\aswBoot.exe
2014-03-20 21:57:48 ----SHD---- C:\System Volume Information
2014-03-20 21:56:50 ----D---- C:\ProgramData\AVAST Software
2014-03-20 21:11:38 ----D---- C:\Program Files (x86)\Origin
2014-03-20 21:09:44 ----D---- C:\Windows\system32\config
2014-03-20 21:09:28 ----D---- C:\AdwCleaner
2014-03-20 21:08:05 ----D---- C:\Windows\Tasks
2014-03-20 21:07:30 ----RD---- C:\Program Files (x86)
2014-03-20 21:07:30 ----D---- C:\Windows\SysWOW64
2014-03-20 21:07:30 ----D---- C:\Windows\System32
2014-03-20 21:06:32 ----D---- C:\ProgramData
2014-03-20 21:03:46 ----D---- C:\Program Files (x86)\Steam
2014-03-20 20:37:38 ----D---- C:\Program Files (x86)\trend micro
2014-03-20 17:31:14 ----D---- C:\Users\Dominik\AppData\Roaming\Skype
2014-03-20 13:47:01 ----D---- C:\Windows\inf
2014-03-20 13:47:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-20 06:52:59 ----SHD---- C:\Windows\Installer
2014-03-20 06:52:58 ----D---- C:\Config.Msi
2014-03-20 06:52:57 ----D---- C:\Users\Dominik\AppData\Roaming\Mozilla
2014-03-19 17:33:31 ----D---- C:\ProgramData\Origin
2014-03-18 22:00:55 ----D---- C:\ProgramData\Microsoft Help
2014-03-18 22:00:22 ----D---- C:\Windows\system32\MRT
2014-03-18 21:57:37 ----A---- C:\Windows\system32\MRT.exe
2014-03-16 07:31:28 ----D---- C:\Windows\system32\catroot2
2014-03-16 00:59:14 ----D---- C:\Users\Dominik\AppData\Roaming\uTorrent
2014-03-15 23:56:48 ----D---- C:\Users\Dominik\AppData\Roaming\vlc
2014-03-14 18:40:58 ----D---- C:\Program Files (x86)\SerialTrunc
2014-03-14 17:48:38 ----D---- C:\Windows\Minidump
2014-03-13 06:25:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 06:25:06 ----D---- C:\Program Files\Internet Explorer
2014-03-13 06:24:55 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 06:24:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 22:18:11 ----D---- C:\Windows\system32\catroot
2014-03-11 15:11:00 ----RD---- C:\Program Files (x86)\Skype
2014-03-11 15:10:53 ----D---- C:\ProgramData\Skype
2014-03-09 17:38:52 ----D---- C:\Windows\Prefetch
2014-03-02 09:51:53 ----D---- C:\Users\Dominik\AppData\Roaming\My Battle for Middle-earth Files
2014-02-28 19:29:00 ----D---- C:\Windows\rescache
2014-02-28 06:48:14 ----D---- C:\Windows\Microsoft.NET
2014-02-27 16:36:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-27 16:35:53 ----HD---- C:\Windows\system32\GroupPolicy
2014-02-27 16:35:53 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-02-27 13:41:57 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-02-27 07:38:20 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-26 07:29:28 ----RSD---- C:\Windows\assembly
2014-02-26 07:22:58 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-26 07:22:58 ----D---- C:\Windows\system32\en-US
2014-02-26 07:22:10 ----SD---- C:\ProgramData\Microsoft
2014-02-25 15:11:37 ----D---- C:\Program Files (x86)\VNT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-06 22600]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-03-20 65776]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-03-20 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-03-20 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-03-20 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-21 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-03-20 79184]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2011-06-23 1071032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-03-20 208928]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-03-20 84816]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-01 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-01 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-01 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-01 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-01 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-01 158320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 68608]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 7168]
S4 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 89600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-06 45248]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 2224976]
R2 IMPI Updater;IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [2013-02-05 185856]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 377616]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-05 76888]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-02 2365792]
R2 Util SerialTrunc;Util SerialTrunc; C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe [2014-03-15 348960]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 Update SerialTrunc;Update SerialTrunc; C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe [2014-03-15 348960]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-13 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\inf\msagccf.vbe
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\CatalinaGroupUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"msagccfSrv"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Tady je, je normální, že po spuštění toho programu a následně po restartu se mi otevírali sami složky, programy atd.?

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dominik at 2014-03-21 06:50:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 133 GB (28%) free of 477 GB
Total RAM: 4061 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:50:58, on 21.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Dominik\AppData\Local\VNT\vntldr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dominik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=3c ... 6&affilt=3
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: VideoPlayerV3beta155 - {5e071226-6121-4ce1-94b5-a95a92980e5f} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta155\ie\VideoPlayerV3beta155.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SerialTrunc - {e76b4f24-4a2f-4e65-ad36-e2aa934e547c} - C:\Program Files (x86)\SerialTrunc\SerialTruncBHO.dll
O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CatalinaGroup Update] "C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Ubisoft register.lnk = C:\Program Files (x86)\Ubisoft\Register\schedule.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IMPI Updater - Unknown owner - C:\Program Files\IMPI\ExtensionUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SerialTrunc - Unknown owner - C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe
O23 - Service: Util SerialTrunc - Unknown owner - C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9821 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2e0
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {A29C683F-B439-4056-AA31-F1924F34E4DA}
"C:\Program Files\IMPI\ExtensionUpdaterService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2232
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 2788
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe" /c
"C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\1.3.25.203\CatalinaCrashHandler.exe" /crashhandler
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Users\Dominik\AppData\Local\VNT\vntldr.exe" /EXEC
Explorer.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3300.0.1090111363\1602089184" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely without Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-experimental-extension-apis --disable-accelerated-video-decode --enable-software-compositing --channel="3300.3.65940079\748648146" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely without Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-experimental-extension-apis --disable-accelerated-video-decode --enable-software-compositing --channel="3300.4.305490269\998055252" /prefetch:673131151
"C:\Users\Dominik\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Norton Security Scan for Dominik.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://search.ividi.org/?src=tbhp&id=3c ... 6&affilt=3"

"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@DotSpot_2k.com/Plugin]
"Description"=DotSpot Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@richmediaplayer.com/nppluginrichmediaplayer]
"Description"=
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npffividiplg.dll
nppluginrichmediaplayer.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\
2kffxtbr@DotSpot_2k.com
battlefieldheroespatcher@ea.com
WebSiteRecommendation@weliketheweb.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\
improvedsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-22 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-21 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-21 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e071226-6121-4ce1-94b5-a95a92980e5f}]
Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta155\ie\VideoPlayerV3beta155.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-21 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}]
ividi Helper Object - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-03-20 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e76b4f24-4a2f-4e65-ad36-e2aa934e547c}]
SerialTrunc - C:\Program Files (x86)\SerialTrunc\SerialTruncBHO.dll [2014-02-27 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-22 245592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2011-02-03 1898208]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13 472984]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-03-10 3588952]
"Google Update"=C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 136176]
"CatalinaGroup Update"=C:\Users\Dominik\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2014-01-06 147440]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"VNT"=C:\Program Files (x86)\VNT\vntldr.exe [2014-02-13 195536]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-03-20 3854640]

C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Ubisoft register.lnk - C:\Program Files (x86)\Ubisoft\Register\schedule.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-04-28 16:42:15 ----D---- C:\ProgramData\Razer
2014-04-28 16:42:15 ----D---- C:\Program Files (x86)\Razer
2014-03-21 06:41:48 ----D---- C:\_OTM
2014-03-21 06:20:03 ----D---- C:\Users\Dominik\AppData\Roaming\AVAST Software
2014-03-20 21:59:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-03-20 21:59:22 ----A---- C:\Windows\avastSS.scr
2014-03-20 20:37:32 ----D---- C:\rsit
2014-03-15 15:13:42 ----D---- C:\ProgramData\Codemasters
2014-03-13 18:40:40 ----D---- C:\Counter-Strike 1.6
2014-03-12 22:17:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-12 22:17:49 ----A---- C:\Windows\system32\msrating.dll
2014-03-12 22:17:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-12 22:17:47 ----A---- C:\Windows\system32\ieui.dll
2014-03-12 22:17:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-12 22:17:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-12 22:17:45 ----A---- C:\Windows\system32\iesetup.dll
2014-03-12 22:17:45 ----A---- C:\Windows\system32\iernonce.dll
2014-03-12 22:17:44 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-03-12 22:17:44 ----A---- C:\Windows\system32\iesysprep.dll
2014-03-12 22:17:44 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-12 22:17:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-12 22:17:41 ----A---- C:\Windows\system32\iertutil.dll
2014-03-12 22:17:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-12 22:17:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-12 22:17:38 ----A---- C:\Windows\system32\jscript.dll
2014-03-12 22:17:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-03-12 22:17:35 ----A---- C:\Windows\system32\jscript9.dll
2014-03-12 22:17:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-12 22:17:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-12 22:17:33 ----A---- C:\Windows\system32\urlmon.dll
2014-03-12 22:17:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-12 22:17:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-12 22:17:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-12 22:17:29 ----A---- C:\Windows\system32\wininet.dll
2014-03-12 22:17:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-12 22:17:24 ----A---- C:\Windows\system32\ieframe.dll
2014-03-12 22:17:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-12 22:17:19 ----A---- C:\Windows\system32\mshtml.dll
2014-03-12 06:36:13 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-12 06:36:11 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-12 06:36:11 ----A---- C:\Windows\system32\wer.dll
2014-03-12 06:36:08 ----A---- C:\Windows\system32\win32k.sys
2014-03-12 06:36:06 ----A---- C:\Windows\system32\qedit.dll
2014-03-12 06:36:05 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-12 06:36:04 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-12 06:36:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-09 17:43:19 ----D---- C:\ProgramData\TmForever
2014-03-09 17:39:27 ----D---- C:\Program Files (x86)\TmNationsForever
2014-02-27 16:35:05 ----D---- C:\Program Files (x86)\MediaViewV1
2014-02-26 07:22:10 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 1 month======

2014-03-21 06:50:59 ----D---- C:\Windows\temp
2014-03-21 06:50:57 ----D---- C:\Program Files\trend micro
2014-03-21 06:49:59 ----D---- C:\Users\Dominik\AppData\Roaming\Skype
2014-03-21 06:49:06 ----D---- C:\Users\Dominik\AppData\Roaming\vlc
2014-03-21 06:47:24 ----D---- C:\ProgramData\Origin
2014-03-21 06:47:08 ----D---- C:\Program Files (x86)\Steam
2014-03-21 06:43:52 ----D---- C:\Program Files (x86)\Origin
2014-03-21 06:42:05 ----D---- C:\Windows\system32\config
2014-03-21 06:41:49 ----D---- C:\Windows\Tasks
2014-03-20 22:00:02 ----D---- C:\Windows\system32\drivers
2014-03-20 21:59:51 ----D---- C:\Windows\system32\Tasks
2014-03-20 21:59:34 ----D---- C:\Windows\winsxs
2014-03-20 21:59:25 ----D---- C:\Windows
2014-03-20 21:59:23 ----A---- C:\Windows\system32\aswBoot.exe
2014-03-20 21:57:48 ----SHD---- C:\System Volume Information
2014-03-20 21:56:50 ----D---- C:\ProgramData\AVAST Software
2014-03-20 21:09:28 ----D---- C:\AdwCleaner
2014-03-20 21:07:30 ----RD---- C:\Program Files (x86)
2014-03-20 21:07:30 ----D---- C:\Windows\SysWOW64
2014-03-20 21:07:30 ----D---- C:\Windows\System32
2014-03-20 21:06:32 ----D---- C:\ProgramData
2014-03-20 20:37:38 ----D---- C:\Program Files (x86)\trend micro
2014-03-20 13:47:01 ----D---- C:\Windows\inf
2014-03-20 13:47:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-20 06:52:59 ----SHD---- C:\Windows\Installer
2014-03-20 06:52:58 ----D---- C:\Config.Msi
2014-03-20 06:52:57 ----D---- C:\Users\Dominik\AppData\Roaming\Mozilla
2014-03-18 22:00:55 ----D---- C:\ProgramData\Microsoft Help
2014-03-18 22:00:22 ----D---- C:\Windows\system32\MRT
2014-03-18 21:57:37 ----A---- C:\Windows\system32\MRT.exe
2014-03-16 07:31:28 ----D---- C:\Windows\system32\catroot2
2014-03-16 00:59:14 ----D---- C:\Users\Dominik\AppData\Roaming\uTorrent
2014-03-14 18:40:58 ----D---- C:\Program Files (x86)\SerialTrunc
2014-03-14 17:48:38 ----D---- C:\Windows\Minidump
2014-03-13 06:25:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 06:25:06 ----D---- C:\Program Files\Internet Explorer
2014-03-13 06:24:55 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 06:24:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 22:18:11 ----D---- C:\Windows\system32\catroot
2014-03-11 15:11:00 ----RD---- C:\Program Files (x86)\Skype
2014-03-11 15:10:53 ----D---- C:\ProgramData\Skype
2014-03-09 17:38:52 ----D---- C:\Windows\Prefetch
2014-03-02 09:51:53 ----D---- C:\Users\Dominik\AppData\Roaming\My Battle for Middle-earth Files
2014-02-28 19:29:00 ----D---- C:\Windows\rescache
2014-02-28 06:48:14 ----D---- C:\Windows\Microsoft.NET
2014-02-27 16:36:11 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-27 16:35:53 ----HD---- C:\Windows\system32\GroupPolicy
2014-02-27 16:35:53 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-02-27 13:41:57 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-02-27 07:38:20 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-26 07:29:28 ----RSD---- C:\Windows\assembly
2014-02-26 07:22:58 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-26 07:22:58 ----D---- C:\Windows\system32\en-US
2014-02-26 07:22:10 ----SD---- C:\ProgramData\Microsoft
2014-02-25 15:11:37 ----D---- C:\Program Files (x86)\VNT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-06 22600]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-03-20 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-03-20 208928]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-03-20 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-03-20 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-03-20 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-21 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-03-20 79184]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2011-06-23 1071032]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-03-20 84816]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-01 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-01 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-01 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-01 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-01 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-01 158320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 68608]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 7168]
S4 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 89600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-03-20 50344]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 2224976]
R2 IMPI Updater;IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [2013-02-05 185856]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 377616]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-12-05 76888]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-02 2365792]
R2 Update SerialTrunc;Update SerialTrunc; C:\Program Files (x86)\SerialTrunc\updateSerialTrunc.exe [2014-03-15 348960]
R2 Util SerialTrunc;Util SerialTrunc; C:\Program Files (x86)\SerialTrunc\bin\utilSerialTrunc.exe [2014-03-15 348960]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-13 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Dominik111 píše:...je normální, že po spuštění toho programu a následně po restartu se mi otevírali sami složky, programy atd.?

Neměly by. Záleží teké na tom, co se otevíralo. Problém trvá?

Dvouklikem na soubor C:\Program Files\trend micro\Dominik.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=3c ... 6&affilt=3
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: VideoPlayerV3beta155 - {5e071226-6121-4ce1-94b5-a95a92980e5f} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta155\ie\VideoPlayerV3beta155.dll (file missing)
O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (file missing)
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Problém už je vyřešen

, ještě něco sem mám dát nebo už je hotovo

Pokud je vše v pořádku, není třeba.

VIRY.CZ

Zasekaný pc

Zasekaný pc

Re: Zasekaný pc

Re: Zasekaný pc

Re: Zasekaný pc

Re: Zasekaný pc

Re: Zasekaný pc

Re: Zasekaný pc

Re: Zasekaný pc

Re: Zasekaný pc

Re: Zasekaný pc