VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

nejde nainstalovat antivirus

https://forum.viry.cz:443/viewtopic.php?t=142166

Stránka 1 z 2

nejde nainstalovat antivirus

Napsal: 30 pro 2014 20:17
od PeterZ
Prosím o kontrolu, na notebook nejde nainstalovat antivirus, pri pokusu zmrzne:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Saska at 2014-12-30 20:09:16
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 27 GB (27%) free of 100 GB
Total RAM: 4094 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:09:27, on 30. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\SysWOW64\mjcm\dnkt.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBWinTouchChg.exe
C:\Program Files (x86)\ICQ7.6\ICQ.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\trend micro\Saska.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={1C ... F232DDC309}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={1C ... F232DDC309}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing)
O2 - BHO: wxDfast - {40CA53B8-1422-4884-AB65-155E75B923E4} - C:\ProgramData\wxDfast\bhoclass.dll (file missing)
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Software\NotebookPlugin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StarBoardDriver] "C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [5cd8f17f4086744065eb0992a09e05a2] "C:\Users\Saska\AppData\Local\Temp\Trojan.exe" ..
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [5cd8f17f4086744065eb0992a09e05a2] "C:\Users\Saska\AppData\Local\Temp\Trojan.exe" ..
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {F8E691A0-C92E-4E42-9CDA-62FC07A9483B} (nvUnifiedControl Control) - http://actiftp.hosting4less.com/ACTIGEN ... ontrol.ocx
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (file missing)
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13724 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
atieclxx
/QuitInfo:00000000000006DC;00000000000006E0; /AddRef;
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
"taskhost.exe"
taskeng.exe {CB9AEDC5-73B9-4A03-8682-20386D059FC1}
/QuitInfo:00000000000007A4;00000000000007A8; /AddRef;
/QuitInfo:0000000000000794;00000000000007B0;
taskeng.exe {FBD68979-0B20-4E53-A25A-2F44AD96560D}
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\dmwu.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe" --autorun
C:\Windows\Explorer.EXE
"C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
/loadhooks /Parent:00000000000006FC
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\dinotify.exe" pnpui.dll,SimplifiedDINotification
"C:\Windows\SysWOW64\mjcm\dnkt.exe"
"C:\Windows\System32\tprb\dnkt.exe"
ATKOSD.exe
"C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
WDC.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b6c59d59-12f9-4927-a76a-b23fa7c8dfc9 -SystemEventPortName:HostProcess-d0fd63dc-bff2-4b3d-ad01-21d38281ab11 -IoCancelEventPortName:HostProcess-292c7498-c557-4a19-a510-dcd54c581b87 -NonStateChangingEventPortName:HostProcess-21df3207-969b-4daf-abbc-1d8265fe3c8e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a5d4504a-9091-4e27-835e-2e1ffe2057f1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBWinTouchChg.exe"
"C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{B8A106F9-FED2-4718-B11A-E6BA58F6FB47}
{993B43F8-0234-457B-99DE-2ADAF316F902}
{B696235D-7322-4A0B-AB5B-F3689CA3866F}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Saska\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default

prefs.js - "browser.startup.homepage" - "http://home.sweetim.com/?barid=&UPN2=92 ... 23&ptr=100"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?sr ... ptr=100&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}

C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\extensions\
info@wxdownloadmanager.com
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
MyStart Search.xml
MyStart.xml
SweetIM Search.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40CA53B8-1422-4884-AB65-155E75B923E4}]
wxDfast Class - C:\ProgramData\wxDfast\bhoclass.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files (x86)\SMART Technologies\Notebook Software\NotebookPlugin.dll [2008-07-31 558376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll []
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll []
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"AtherosBtStack"=C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe [2010-11-25 613536]
"AthBtTray"=C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe [2010-11-25 379040]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-13 10144288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=~C:\Program Files (x86)\ICQ7.6\ICQ.exe silent loginmode=4 []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"AdobeBridge"= []
"5cd8f17f4086744065eb0992a09e05a2"=C:\Users\Saska\AppData\Local\Temp\Trojan.exe .. []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-21 98304]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe []
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-02 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-08-26 75048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"StarBoardDriver"=C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe [2010-12-10 859232]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"5cd8f17f4086744065eb0992a09e05a2"=C:\Users\Saska\AppData\Local\Temp\Trojan.exe .. []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-12-30 20:21:16 ----AD---- C:\.Trash-999
2014-12-30 20:09:19 ----D---- C:\Program Files\trend micro
2014-12-30 20:09:16 ----D---- C:\rsit
2014-12-30 19:59:54 ----A---- C:\TDSSKiller.2.8.13.0_30.12.2014_19.59.54_log.txt
2014-12-30 17:03:58 ----AD---- C:\$Anvi Rescue Disk$
2014-12-20 13:26:06 ----D---- C:\Program Files\CCleaner
2014-12-15 20:45:11 ----A---- C:\Windows\SYSWOW64\.tmp
2014-12-09 16:27:05 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-12-30 20:09:25 ----D---- C:\Windows\Prefetch
2014-12-30 20:09:23 ----D---- C:\Windows\Temp
2014-12-30 20:09:19 ----RD---- C:\Program Files
2014-12-30 20:07:26 ----D---- C:\Windows\system32\catroot2
2014-12-30 20:07:26 ----D---- C:\Windows\system32\catroot
2014-12-30 20:07:17 ----D---- C:\Windows\winsxs
2014-12-30 20:06:44 ----D---- C:\Windows\system32\config
2014-12-30 20:01:46 ----D---- C:\Windows\System32
2014-12-30 20:01:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-30 19:59:55 ----D---- C:\Windows\system32\drivers
2014-12-30 19:57:39 ----SHD---- C:\System Volume Information
2014-12-30 19:29:51 ----D---- C:\Windows\inf
2014-12-30 10:56:02 ----D---- C:\Windows
2014-12-30 10:55:15 ----D---- C:\Windows\system32\wbem
2014-12-30 10:55:15 ----D---- C:\Windows\registration
2014-12-29 12:07:47 ----D---- C:\Windows\Minidump
2014-12-29 11:55:35 ----SHD---- C:\Windows\Installer
2014-12-29 11:55:30 ----SHD---- C:\Config.Msi
2014-12-29 11:55:29 ----RD---- C:\Program Files (x86)
2014-12-29 11:55:27 ----D---- C:\Windows\system32\Tasks
2014-12-29 11:55:03 ----HD---- C:\ProgramData
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\TeamViewer
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\DAEMON Tools Pro
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\DAEMON Tools Lite
2014-12-20 13:31:30 ----D---- C:\Users\Saska\AppData\Roaming\uTorrent
2014-12-20 13:31:30 ----D---- C:\Users\Saska\AppData\Roaming\Skype
2014-12-20 13:31:30 ----D---- C:\Program Files (x86)\PDFCreator
2014-12-20 13:31:24 ----D---- C:\Windows\Panther
2014-12-20 13:31:24 ----D---- C:\Windows\ModemLogs
2014-12-20 13:31:23 ----D---- C:\Windows\Logs
2014-12-20 13:31:23 ----D---- C:\Windows\debug
2014-12-15 20:45:11 ----D---- C:\Windows\SysWOW64
2014-12-10 23:48:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-09 20:06:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-08 14:25:24 ----D---- C:\Windows\SYSWOW64\mjcm
2014-12-08 14:25:24 ----D---- C:\Windows\system32\tprb
2014-12-07 10:10:49 ----D---- C:\Users\Saska\AppData\Roaming\vlastná fotokniha
2014-12-07 10:00:05 ----D---- C:\Windows\SYSWOW64\ARFC
2014-12-07 09:59:09 ----D---- C:\Windows\SYSWOW64\WNLT
2014-12-02 11:24:48 ----A---- C:\Windows\system32\dmwu.exe
2014-12-02 11:21:14 ----A---- C:\Windows\system32\ImHttpComm.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-02-01 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2011-02-01 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-14 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-22 7883264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-22 285696]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-25 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-08 2228736]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-25 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-25 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-25 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-25 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-25 154272]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-02-01 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-13 2345760]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-19 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 StarBoardMT;StarBoard Software Multi-touch; C:\Windows\system32\DRIVERS\StarBoardMT.sys [2011-01-26 28968]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-04-29 38528]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-02-01 552448]
S3 dmvsc;dmvsc; C:\Windows\system32\DRIVERS\dmvsc.sys [2011-02-01 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2011-02-01 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2011-02-01 20992]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2011-02-01 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2011-02-01 109056]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2011-02-01 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2011-02-01 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\DRIVERS\terminpt.sys [2011-02-01 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2011-02-01 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\DRIVERS\TsUsbGD.sys [2011-02-01 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2011-02-01 117248]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2011-02-01 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2011-02-01 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2011-02-01 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2011-02-01 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-22 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-25 52896]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-11 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2014-12-02 3037488]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-12-01 85096]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-02-14 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: nejde nainstalovat antivirus

Napsal: 30 pro 2014 20:38
od Rudy
Zdravím!
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: nejde nainstalovat antivirus

Napsal: 30 pro 2014 20:48
od PeterZ
tu je log z AdwCleaner:

# AdwCleaner v4.106 - Report created 30/12/2014 at 20:43:58
# Updated 21/12/2014 by Xplode
# Database : 2014-12-30.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Saska - SASKA-PC
# Running from : C:\Users\Saska\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IBUpdaterService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\wxDfast
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDfast
Folder Deleted : C:\Program Files (x86)\~BabylonToolbar
Folder Deleted : C:\Program Files (x86)\FTDownloader.com
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Saska\AppData\Local\Babylon
Folder Deleted : C:\Users\Saska\AppData\Local\PackageAware
Folder Deleted : C:\Users\Saska\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Saska\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Saska\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Saska\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Saska\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Saska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
[!] Folder Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
Folder Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\Extensions\info@wxdownloadmanager.com
Folder Deleted : C:\Users\Saska\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Saska\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbcjjdjanpccmehilicphhmeobiljcpk
Folder Deleted : C:\Users\Saska\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\Saska\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppjemjejnnojomfekgbpbbnecicblllf
Folder Deleted : C:\Users\Saska\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\Saska\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\invalidprefs.js
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin.src
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-21.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-22.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-23.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-24.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-25.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-26.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-27.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-28.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\MyStart.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\SweetIM Search.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mbcjjdjanpccmehilicphhmeobiljcpk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ppjemjejnnojomfekgbpbbnecicblllf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Deleted : HKCU\Software\5cd8f17f4086744065eb0992a09e05a2
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{40CA53B8-1422-4884-AB65-155E75B923E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40CA53B8-1422-4884-AB65-155E75B923E4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{40CA53B8-1422-4884-AB65-155E75B923E4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{40CA53B8-1422-4884-AB65-155E75B923E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F4C5E11-0612-48D2-8055-987992AAC432}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wxDownload Fast_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-041B-0000-0000000FF1CE}
Key Deleted : [x64] HKCU\Software\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\237AA359BFA99C94484AF769ACA080AD
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\237AA359BFA99C94484AF769ACA080AD
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\237AA359BFA99C94484AF769ACA080AD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?barid=&UPN2=92546907672636175&src=97&did=10963&&st=23&ptr=100");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "SweetIM Search");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.3499ur3ur4hsssasasds3332s.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.co[...]
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111372");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "9cfb9f9b00000000000020cf3046d4df");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "9cfb9f9b00000000000020cf3046d4df");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15406");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1721:43:15");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", true);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1419851106);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.history", "moravske%20ludove%20piesneazet-maildenna%20tlacg%20mailzoznam%20slovenskeho%20internetudievcenske%20lyziarky%20predamkozene%20snowboardove%20topanky%20burt[...]
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.hpChange", true);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 4201);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1343238621");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installsource", "1");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.previousFFVersion", "34.0.5");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "131895212413189523641318959464917");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1419966320);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.userEngineApproved", true);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=6&barid=&UPN2=92546907672636175&&did=10963&st=23&ptr=100&q=");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1419851128937");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*.*.facebook.com/.*.*.google.com/.*.*.google.co.in/.*.*.google.com.br/.*.*.google.es/.*.*.youtube.com/.*.*.yahoo.com/.*.[...]
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "ICQ Search");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.sk/");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.apps.)?facebook\\.com.*");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.apps.)?facebook\\.com.*");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*.*.bing..*.*.live..*.*.msn..*.*.yahoo..*.*.youtube.com.*.*ask.com.*.*.sweetim.com.*");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.search.history", "minnezota%20google,ve%C4%BEk%C3%A9%20rip%C5%88any%20potok");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{1C708F25-BC07-4A40-9A1C-E1F232DDC309}");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=6&barid={1C708F25-BC07-4A40-9A1C-E1F232DDC309}");
[ztu5dyjg.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0");

-\\ Google Chrome v39.0.2171.95

[C:\Users\Saska\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid=&&st=23&ptr=100&did=10963&UPN2=92546907672636175

*************************

AdwCleaner[R0].txt - [53817 octets] - [30/12/2014 20:41:50]
AdwCleaner[S0].txt - [53784 octets] - [30/12/2014 20:43:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [53845 octets] ##########

Re: nejde nainstalovat antivirus

Napsal: 30 pro 2014 21:47
od Rudy
Dejte nový log RSIT.

Re: nejde nainstalovat antivirus

Napsal: 30 pro 2014 21:53
od PeterZ
Logfile of random's system information tool 1.10 (written by random/random)
Run by Saska at 2014-12-30 21:51:35
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 27 GB (27%) free of 100 GB
Total RAM: 4094 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:38, on 30. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBWinTouchChg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\trend micro\Saska.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (file missing)
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Software\NotebookPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StarBoardDriver] "C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [5cd8f17f4086744065eb0992a09e05a2] "C:\Users\Saska\AppData\Local\Temp\Trojan.exe" ..
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [5cd8f17f4086744065eb0992a09e05a2] "C:\Users\Saska\AppData\Local\Temp\Trojan.exe" ..
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {F8E691A0-C92E-4E42-9CDA-62FC07A9483B} (nvUnifiedControl Control) - http://actiftp.hosting4less.com/ACTIGEN ... ontrol.ocx
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (file missing)
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11725 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
atieclxx
/QuitInfo:00000000000006D0;00000000000006D4; /AddRef;
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
"taskhost.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
taskeng.exe {427FB384-99AA-4003-9FC1-968AF2762C45}
/QuitInfo:000000000000079C;00000000000007A8; /AddRef;
/QuitInfo:0000000000000790;00000000000007B0;
"C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe" --autorun
/loadhooks /Parent:0000000000000774
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\Explorer.EXE
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fff3b431-a6d7-4566-a785-5144ea472e42 -SystemEventPortName:HostProcess-1bfaa32d-16f8-4928-8c31-6c8805bcd21d -IoCancelEventPortName:HostProcess-c55ca110-61d8-4f00-92f2-f378b2ba20c2 -NonStateChangingEventPortName:HostProcess-82007563-9d78-4476-95e3-049f54835290 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b85064b9-9eb5-49e5-85c9-569c2dc63cc6
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"
ATKOSD.exe
"C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
WDC.exe
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBWinTouchChg.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{ECB72B5B-5EE0-4321-A6B7-6D03DB50E683}
{10F2723E-DE12-4ACB-A661-C2A86EBF0FB3}
{EA6F3E30-2988-4593-86A0-7B001055FA91}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Windows\system32\wuauclt.exe"

taskeng.exe {5436F9D9-A691-4930-AB36-58D9EDCD566B}
"C:\Users\Saska\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files (x86)\SMART Technologies\Notebook Software\NotebookPlugin.dll [2008-07-31 558376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"AtherosBtStack"=C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe [2010-11-25 613536]
"AthBtTray"=C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe [2010-11-25 379040]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-13 10144288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=~C:\Program Files (x86)\ICQ7.6\ICQ.exe silent loginmode=4 []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"AdobeBridge"= []
"5cd8f17f4086744065eb0992a09e05a2"=C:\Users\Saska\AppData\Local\Temp\Trojan.exe .. []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe [2014-12-10 855216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-21 98304]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
""= []
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-02 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-08-26 75048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"StarBoardDriver"=C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe [2010-12-10 859232]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"5cd8f17f4086744065eb0992a09e05a2"=C:\Users\Saska\AppData\Local\Temp\Trojan.exe .. []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-12-30 20:41:45 ----D---- C:\AdwCleaner
2014-12-30 20:21:16 ----AD---- C:\.Trash-999
2014-12-30 20:09:19 ----D---- C:\Program Files\trend micro
2014-12-30 20:09:16 ----D---- C:\rsit
2014-12-30 19:59:54 ----A---- C:\TDSSKiller.2.8.13.0_30.12.2014_19.59.54_log.txt
2014-12-30 17:03:58 ----AD---- C:\$Anvi Rescue Disk$
2014-12-20 13:26:06 ----D---- C:\Program Files\CCleaner
2014-12-15 20:45:11 ----A---- C:\Windows\SYSWOW64\.tmp
2014-12-09 16:27:05 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-12-30 21:51:36 ----D---- C:\Windows\Temp
2014-12-30 21:00:46 ----D---- C:\Windows\system32\config
2014-12-30 20:45:47 ----D---- C:\Windows\inf
2014-12-30 20:45:07 ----D---- C:\Windows
2014-12-30 20:44:18 ----D---- C:\Windows\Prefetch
2014-12-30 20:44:03 ----D---- C:\Windows\System32
2014-12-30 20:44:01 ----SHD---- C:\Windows\Installer
2014-12-30 20:44:01 ----RD---- C:\Program Files (x86)
2014-12-30 20:44:01 ----D---- C:\Windows\SysWOW64
2014-12-30 20:44:00 ----HD---- C:\ProgramData
2014-12-30 20:09:19 ----RD---- C:\Program Files
2014-12-30 20:07:26 ----D---- C:\Windows\system32\catroot2
2014-12-30 20:07:26 ----D---- C:\Windows\system32\catroot
2014-12-30 20:07:17 ----D---- C:\Windows\winsxs
2014-12-30 20:01:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-30 19:59:55 ----D---- C:\Windows\system32\drivers
2014-12-30 19:57:39 ----SHD---- C:\System Volume Information
2014-12-30 10:55:15 ----D---- C:\Windows\system32\wbem
2014-12-30 10:55:15 ----D---- C:\Windows\registration
2014-12-29 12:07:47 ----D---- C:\Windows\Minidump
2014-12-29 11:55:30 ----SHD---- C:\Config.Msi
2014-12-29 11:55:27 ----D---- C:\Windows\system32\Tasks
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\TeamViewer
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\DAEMON Tools Pro
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\DAEMON Tools Lite
2014-12-20 13:31:30 ----D---- C:\Users\Saska\AppData\Roaming\uTorrent
2014-12-20 13:31:30 ----D---- C:\Users\Saska\AppData\Roaming\Skype
2014-12-20 13:31:30 ----D---- C:\Program Files (x86)\PDFCreator
2014-12-20 13:31:24 ----D---- C:\Windows\Panther
2014-12-20 13:31:24 ----D---- C:\Windows\ModemLogs
2014-12-20 13:31:23 ----D---- C:\Windows\Logs
2014-12-20 13:31:23 ----D---- C:\Windows\debug
2014-12-10 23:48:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-09 20:06:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-08 14:25:24 ----D---- C:\Windows\SYSWOW64\mjcm
2014-12-08 14:25:24 ----D---- C:\Windows\system32\tprb
2014-12-07 10:10:49 ----D---- C:\Users\Saska\AppData\Roaming\vlastná fotokniha

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-02-01 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2011-02-01 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-14 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-22 7883264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-22 285696]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-25 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-08 2228736]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-25 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-25 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-25 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-25 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-25 154272]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-02-01 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-13 2345760]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-19 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 StarBoardMT;StarBoard Software Multi-touch; C:\Windows\system32\DRIVERS\StarBoardMT.sys [2011-01-26 28968]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-04-29 38528]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-02-01 552448]
S3 dmvsc;dmvsc; C:\Windows\system32\DRIVERS\dmvsc.sys [2011-02-01 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2011-02-01 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2011-02-01 20992]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2011-02-01 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2011-02-01 109056]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2011-02-01 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2011-02-01 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\DRIVERS\terminpt.sys [2011-02-01 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2011-02-01 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\DRIVERS\TsUsbGD.sys [2011-02-01 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2011-02-01 117248]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2011-02-01 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2011-02-01 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2011-02-01 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2011-02-01 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-22 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-25 52896]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-11 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-12-01 85096]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-02-14 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: nejde nainstalovat antivirus

Napsal: 30 pro 2014 22:17
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files\McAfee Security Scan
C:\Users\Saska\AppData\Local\Temp\Trojan.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\SYSWOW64\.tmp

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"5cd8f17f4086744065eb0992a09e05a2"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"5cd8f17f4086744065eb0992a09e05a2"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Re: nejde nainstalovat antivirus

Napsal: 30 pro 2014 22:56
od PeterZ
dávam log, ale musim poznamenat, ze po restartovani po tom skenu windows nenabehol a bootovani zmrzlo to na logu windows, safe mode taky zmrznul - presne to same se stavalo po pokusu o instalaci antivirusu. Musel sem to vyresit pres RegBack

Logfile of random's system information tool 1.10 (written by random/random)
Run by Saska at 2014-12-30 22:51:03
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 27 GB (27%) free of 100 GB
Total RAM: 4094 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:51:12, on 30. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBWinTouchChg.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Saska.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={1C ... F232DDC309}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing)
O2 - BHO: wxDfast - {40CA53B8-1422-4884-AB65-155E75B923E4} - C:\ProgramData\wxDfast\bhoclass.dll (file missing)
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Software\NotebookPlugin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (file missing)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StarBoardDriver] "C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [5cd8f17f4086744065eb0992a09e05a2] "C:\Users\Saska\AppData\Local\Temp\Trojan.exe" ..
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {F8E691A0-C92E-4E42-9CDA-62FC07A9483B} (nvUnifiedControl Control) - http://actiftp.hosting4less.com/ACTIGEN ... ontrol.ocx
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (file missing)
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13289 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
atieclxx
/QuitInfo:00000000000006D4;00000000000006D8; /AddRef;
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
"taskhost.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
/QuitInfo:0000000000000830;0000000000000834; /AddRef;
taskeng.exe {A8FA4A29-D78C-4066-9A9B-36A00B6382B1}
/QuitInfo:000000000000081C;000000000000083C;
taskeng.exe {81AC6DE2-9D59-4BD4-B445-CB72CBE7A517}
"C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe" --autorun
/loadhooks /Parent:0000000000000774
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\Explorer.EXE
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
ATKOSD.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
WDC.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{1B8AD0B3-7C9A-4261-B795-0803570CAEC9}
{276B9584-EF2D-41B9-A880-462F0A4C489F}
{7F1CE859-9241-4864-BE5F-80FCD19B57EC}
"C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBWinTouchChg.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fc9b6f61-b7a4-4361-ab38-56d02a15d243 -SystemEventPortName:HostProcess-b0ddb010-dd67-4654-b157-a8cfe21005fd -IoCancelEventPortName:HostProcess-84ede625-bc7c-48ee-b60e-14bc076bcc7d -NonStateChangingEventPortName:HostProcess-61e80f9f-5bf7-4ae0-a984-0353d0860422 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:462c09ca-eb49-4cae-90e0-7b3ac7f2068d
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Saska\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun

=========Mozilla firefox=========

ProfilePath - C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40CA53B8-1422-4884-AB65-155E75B923E4}]
wxDfast Class - C:\ProgramData\wxDfast\bhoclass.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files (x86)\SMART Technologies\Notebook Software\NotebookPlugin.dll [2008-07-31 558376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll []
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll []
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"AtherosBtStack"=C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe [2010-11-25 613536]
"AthBtTray"=C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe [2010-11-25 379040]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-13 10144288]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=~C:\Program Files (x86)\ICQ7.6\ICQ.exe silent loginmode=4 []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-21 98304]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe []
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-02 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-08-26 75048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"StarBoardDriver"=C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe [2010-12-10 859232]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe []
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe []
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"5cd8f17f4086744065eb0992a09e05a2"=C:\Users\Saska\AppData\Local\Temp\Trojan.exe .. []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-12-30 22:21:28 ----D---- C:\_OTM
2014-12-30 20:41:45 ----D---- C:\AdwCleaner
2014-12-30 20:21:16 ----AD---- C:\.Trash-999
2014-12-30 20:09:19 ----D---- C:\Program Files\trend micro
2014-12-30 20:09:16 ----D---- C:\rsit
2014-12-30 19:59:54 ----A---- C:\TDSSKiller.2.8.13.0_30.12.2014_19.59.54_log.txt
2014-12-30 17:03:58 ----AD---- C:\$Anvi Rescue Disk$
2014-12-20 13:26:06 ----D---- C:\Program Files\CCleaner
2014-12-09 16:27:05 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-12-30 22:51:11 ----D---- C:\Windows\Prefetch
2014-12-30 22:51:09 ----D---- C:\Windows\Temp
2014-12-30 22:49:49 ----D---- C:\Windows\system32\config
2014-12-30 22:49:02 ----D---- C:\Windows\System32
2014-12-30 22:49:02 ----D---- C:\Windows\inf
2014-12-30 22:49:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-30 22:21:29 ----D---- C:\Windows\Tasks
2014-12-30 22:21:29 ----D---- C:\Windows\SysWOW64
2014-12-30 20:45:07 ----D---- C:\Windows
2014-12-30 20:44:01 ----SHD---- C:\Windows\Installer
2014-12-30 20:44:01 ----RD---- C:\Program Files (x86)
2014-12-30 20:44:00 ----HD---- C:\ProgramData
2014-12-30 20:09:19 ----RD---- C:\Program Files
2014-12-30 20:07:26 ----D---- C:\Windows\system32\catroot2
2014-12-30 20:07:26 ----D---- C:\Windows\system32\catroot
2014-12-30 20:07:17 ----D---- C:\Windows\winsxs
2014-12-30 19:59:55 ----D---- C:\Windows\system32\drivers
2014-12-30 19:57:39 ----SHD---- C:\System Volume Information
2014-12-30 10:55:15 ----D---- C:\Windows\system32\wbem
2014-12-30 10:55:15 ----D---- C:\Windows\registration
2014-12-29 12:07:47 ----D---- C:\Windows\Minidump
2014-12-29 11:55:30 ----SHD---- C:\Config.Msi
2014-12-29 11:55:27 ----D---- C:\Windows\system32\Tasks
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\TeamViewer
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\DAEMON Tools Pro
2014-12-20 13:31:44 ----D---- C:\Users\Saska\AppData\Roaming\DAEMON Tools Lite
2014-12-20 13:31:30 ----D---- C:\Users\Saska\AppData\Roaming\uTorrent
2014-12-20 13:31:30 ----D---- C:\Users\Saska\AppData\Roaming\Skype
2014-12-20 13:31:30 ----D---- C:\Program Files (x86)\PDFCreator
2014-12-20 13:31:24 ----D---- C:\Windows\Panther
2014-12-20 13:31:24 ----D---- C:\Windows\ModemLogs
2014-12-20 13:31:23 ----D---- C:\Windows\Logs
2014-12-20 13:31:23 ----D---- C:\Windows\debug
2014-12-10 23:48:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-09 20:06:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-08 14:25:24 ----D---- C:\Windows\SYSWOW64\mjcm
2014-12-08 14:25:24 ----D---- C:\Windows\system32\tprb
2014-12-07 10:10:49 ----D---- C:\Users\Saska\AppData\Roaming\vlastná fotokniha

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-02-01 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2011-02-01 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-14 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-22 7883264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-22 285696]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-25 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-07-08 2228736]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-25 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-25 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-25 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-25 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-25 154272]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-02-01 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-13 2345760]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-19 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 StarBoardMT;StarBoard Software Multi-touch; C:\Windows\system32\DRIVERS\StarBoardMT.sys [2011-01-26 28968]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-04-29 38528]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-02-01 552448]
S3 dmvsc;dmvsc; C:\Windows\system32\DRIVERS\dmvsc.sys [2011-02-01 71168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2011-02-01 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2011-02-01 20992]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2011-02-01 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2011-02-01 109056]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2011-02-01 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2011-02-01 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\DRIVERS\terminpt.sys [2011-02-01 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2011-02-01 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\DRIVERS\TsUsbGD.sys [2011-02-01 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2011-02-01 117248]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2011-02-01 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2011-02-01 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2011-02-01 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2011-02-01 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-22 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-25 52896]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-11 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit; C:\Program Files\Autodesk\3D Max\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-02-22 86016]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
S2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-12-01 85096]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-02-14 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-09 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: nejde nainstalovat antivirus

Napsal: 30 pro 2014 23:02
od Rudy
Taky to bylo řádně zaplevelené. Dvouklikem na soubor C:\Program Files\trend micro\Saska.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (file missing)
O2 - BHO: wxDfast - {40CA53B8-1422-4884-AB65-155E75B923E4} - C:\ProgramData\wxDfast\bhoclass.dll (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Re: nejde nainstalovat antivirus

Napsal: 30 pro 2014 23:29
od PeterZ
udelal sem vse podle pokynu, windows po restartu znovu zmrznul, znovu sem to musel opravovat a nejsem si jistej, jestli po RegBack nevracim registry zpet nekam kde nemam, ale jinak se do windowsu nedostanu

Re: nejde nainstalovat antivirus

Napsal: 31 pro 2014 13:03
od Rudy
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: nejde nainstalovat antivirus

Napsal: 31 pro 2014 15:25
od PeterZ
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 31. 12. 2014
Scan Time: 13:18:33
Logfile: mbam log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.31.02
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Saska

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 717064
Time Elapsed: 1 hr, 50 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 89
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, , [2a34a7c2d5a7af87f9bd4dca5aa94ab6],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, , [2a34a7c2d5a7af87f9bd4dca5aa94ab6],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, , [2a34a7c2d5a7af87f9bd4dca5aa94ab6],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}, , [2a34a7c2d5a7af87f9bd4dca5aa94ab6],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}, , [134b3633661696a0e9cc58bf37cc57a9],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\esrv.BabylonESrvc.1, , [134b3633661696a0e9cc58bf37cc57a9],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\esrv.BabylonESrvc, , [134b3633661696a0e9cc58bf37cc57a9],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.BabylonESrvc, , [134b3633661696a0e9cc58bf37cc57a9],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.BabylonESrvc.1, , [134b3633661696a0e9cc58bf37cc57a9],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}, , [d9851752e5975bdb63568592798a7090],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\b, , [d9851752e5975bdb63568592798a7090],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\b, , [d9851752e5975bdb63568592798a7090],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd.1, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd.1, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\TYPELIB\{EEE6C35E-6118-11DC-9C72-001320C79847}, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEE6C358-6118-11DC-9C72-001320C79847}, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEE6C359-6118-11DC-9C72-001320C79847}, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEE6C358-6118-11DC-9C72-001320C79847}, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEE6C359-6118-11DC-9C72-001320C79847}, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{EEE6C35E-6118-11DC-9C72-001320C79847}, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE.1, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\CLASSES\Toolbar3.SWEETIE, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.SWEETIE.1, , [a1bd7eebe597d462b7802abae81a57a9],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6E8BF012-2C85-4834-B10A-1B31AF173D70}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{706D4A4B-184A-4434-B331-296B07493D2D}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8BE10F21-185F-4CA0-B789-9921674C3993}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{94C0B25D-3359-4B10-B227-F96A77DB773F}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B173667F-8395-4317-8DD6-45AD1FE00047}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B32672B3-F656-46E0-B584-FE61C0BB6037}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BFE569F7-646C-4512-969B-9BE3E580D393}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2996524-2187-441F-A398-CD6CB6B3D020}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E047E227-5342-4D94-80F7-CFB154BF55BD}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{706D4A4B-184A-4434-B331-296B07493D2D}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8BE10F21-185F-4CA0-B789-9921674C3993}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{94C0B25D-3359-4B10-B227-F96A77DB773F}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B173667F-8395-4317-8DD6-45AD1FE00047}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B32672B3-F656-46E0-B584-FE61C0BB6037}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BFE569F7-646C-4512-969B-9BE3E580D393}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C2996524-2187-441F-A398-CD6CB6B3D020}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E047E227-5342-4D94-80F7-CFB154BF55BD}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6E8BF012-2C85-4834-B10A-1B31AF173D70}, , [7ce26dfc0874cd698c2b4acdb94a44bc],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}, , [035bc9a0abd1b482fdbb869124df9868],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, , [96c8aebb5626ff37193d9b7f0201d030],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, , [7ce222471567ce687d15873834d0cb35],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, , [fd611e4b97e5181e583a506fa064837d],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WNLT, , [fa648edb205c989e997e8041cb3917e9],
PUP.Optional.Babylon.A, HKLM\SOFTWARE\WOW6432NODE\BabylonToolbar, , [70ee9ccd59233ff7c1e4724934d0df21],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, , [63fb2445493366d04196a7baf1125ea2],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook, , [045a7eeb0a723bfb593929968183946c],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SweetIM_URLSearchHook.ToolbarURLSearchHook.1, , [6bf35c0d3844fd39b8da8738788c7f81],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jcdgjdiieiljkfkdcloehkohchhpekkn, , [8dd177f290ecaa8cc8dff38ff50eae52],
Adware.InstallBrain, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IBUpdaterService, , [0559d2971666f1452ef5e9ab0df7c33d],
PUP.Optional.SweetIM.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, , [82dc75f4fa828bab5a7cf8698083c53b],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [322c1950e7956bcb74a2249de3213cc4],
PUP.Optional.WXDownload.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\wxDownload Fast_is1, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.wxDfast, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{40CA53B8-1422-4884-AB65-155E75B923E4}, , [38262e3b522a989efb878dfae421629e],
PUP.wxDfast, HKU\S-1-5-21-2472928272-1919285474-647967466-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{40CA53B8-1422-4884-AB65-155E75B923E4}, , [38262e3b522a989efb878dfae421629e],
PUP.wxDfast, HKLM\SOFTWARE\CLASSES\bhoclass.BHO.bhoclass.BHO, , [38262e3b522a989efb878dfae421629e],
PUP.wxDfast, HKLM\SOFTWARE\CLASSES\bhoclass.BHO.bhoclass.BHO.1.0, , [38262e3b522a989efb878dfae421629e],
PUP.wxDfast, HKLM\SOFTWARE\WOW6432NODE\CLASSES\bhoclass.BHO.bhoclass.BHO, , [38262e3b522a989efb878dfae421629e],
PUP.wxDfast, HKLM\SOFTWARE\WOW6432NODE\CLASSES\bhoclass.BHO.bhoclass.BHO.1.0, , [38262e3b522a989efb878dfae421629e],
PUP.wxDfast, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{40CA53B8-1422-4884-AB65-155E75B923E4}, , [38262e3b522a989efb878dfae421629e],

Registry Values: 6
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, , [cf8feb7ee09cdd59de6de13916ed59a7],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{D4027C7F-154A-4066-A1AD-4243D8127440}, , [a4baa8c1bac24aec3219ad6d71921ee2],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WNLT|PDV, [BLACKLIST=1], , [fa648edb205c989e997e8041cb3917e9]
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Sweetpacks Communicator, C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe, , [df7ff5743349280ea84d397ed1337090]
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|5cd8f17f4086744065eb0992a09e05a2, "C:\Users\Saska\AppData\Local\Temp\Trojan.exe" .., , [cd91c2a7e399fb3b456dec93c93a8e72]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, , [322c1950e7956bcb74a2249de3213cc4]

Registry Data: 1
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://home.sweetim.com/?st=6&barid={1C ... F232DDC309}, Good: (www.google.com), Bad: (http://home.sweetim.com/?st=6&barid={1C ... F232DDC309}),,[6ef06efb324a1323c56b5233768fe61a]

Folders: 24
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\cs, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\de, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\es, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\fr, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\hu, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\id, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\nl, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\pl, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\pt_BR, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\ru, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\tr, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\icon, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\logo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload Fast, , [35293d2c106c43f3c3c444fc07fcad53],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\7723387C8593EA63, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.SweetPacks.A, C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\SweetPacksToolbarData, , [b9a5b0b9bdbff3435fa7acb3ae550ff1],
PUP.Optional.SweetPacks.A, C:\Users\Saska\AppData\Roaming\Mozilla\Firefox\Profiles\ztu5dyjg.default\SweetPacksToolbarData\logs, , [b9a5b0b9bdbff3435fa7acb3ae550ff1],

Files: 133
PUP.RiskwareTool.CK, C:\Users\Saska\Documents\Adobe Illustrator CS6\Crack\64bit\amtlib.dll, , [b4aa8edb5626a096fb0cf885936f926e],
PUP.Optional.OpenCandy, C:\Users\Saska\Downloads\DTLite4453-0297.exe, , [0e50afba5a225adcbd1deabf050019e7],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgcommon.dll.vir, , [b2acbbae1c607abc77f43d6c6e977d83],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll.vir, , [cf8f0366017bb5812645e2c77491e917],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll.vir, , [1846ea7fc0bcc27429423673ba4b58a8],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll.vir, , [80de462374080b2b62096e3b7a8be818],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe.vir, , [f36b2346f28a13231556d2d75da835cb],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir, , [4c122e3b4d2fad89bcafd1d858ad3dc3],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mghooking.dll.vir, , [17477bee97e538fefa71d3d662a327d9],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe.vir, , [9cc205644a32ea4c2843f5b48c79748c],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll.vir, , [1c4264057a02fb3b81ea3e6b986d7e82],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgArchive.dll.vir, , [342a4b1e4e2e979fbdaebaefde2748b8],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommon.dll.vir, , [2d31f574f78572c48ae1a405bc4946ba],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll.vir, , [7ce279f0cbb145f178f39811808504fc],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgconfig.dll.vir, , [cf8fbdac98e453e37deed3d6d5302bd5],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll.vir, , [d589fa6fea928bab74f73178927312ee],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll.vir, , [ec72adbca4d890a62b408a1fe520fe02],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir, , [5d01f079225ab581bbb0f0b900051be5],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mglogger.dll.vir, , [c19dfc6dc9b3f73fe18ae2c7f213aa56],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll.vir, , [86d81851b4c8f541bbb04b5ea16440c0],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll.vir, , [c29c4425c6b645f181eab9f0b35246ba],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir, , [c79752177a02a5913f2c1198d134b749],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll.vir, , [1945f475a6d6c76f600b7336a46121df],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll.vir, , [de801f4a1f5d73c358139e0b41c4f20e],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll.vir, , [ee706dfc0d6f57df77f47c2d5baad12f],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll.vir, , [15494e1bb4c8af87b1ba7f2ae61f1de3],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll.vir, , [332b6ffae69666d0a7c4decb14f11ae6],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir, , [124c7fea3b4140f64724a70262a3e31d],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\SweetIM.exe.vir, , [d9850267f389af878ae11d8cea1b8b75],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir, , [fe609bcec5b75bdb680308a1b74e5ba5],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir, , [90ce1257afcd2115fc6f298095705da3],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir, , [9ac476f3bbc1e6507bf0dccda75eb848],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir, , [85d92841f28ad066e487525750b5b848],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir, , [fa64f673a8d4e74fadbea30638cdc838],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir, , [b0ae6603ec903df9254676333dc86799],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir, , [96c8ed7cacd063d3b3b8941529dcc63a],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir, , [7be35712ec90bc7a93d8e8c18e778f71],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir, , [2d316bfe0e6ee25483e8e3c67392f808],
PUP.Optional.SweetPacks, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir, , [2c32dd8c3943a98d7a9a2089fe07c43c],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir, , [500efd6c502c1f17c5a64267ae577c84],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir, , [4c12a7c218643ef81358fcadb154bc44],
PUP.Optional.BabylonToolBar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.5.3.17\~uninstall.exe.vir, , [69f52a3f0c703105c4821225f110c23e],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir, , [1b43c7a2ec909b9bde8d28814db851af],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Users\Saska\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\mgHelperGCFB.dll.vir, , [6df1cd9c92ea64d2da91436631d4f50b],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll, , [e17db8b1ed8f96a0f71091ecb84a5fa1],
PUP.Optional.SweetIM, C:\Windows\Installer\20f1b1d.msi, , [ea740465fb8171c50269e3c628ddaa56],
PUP.Optional.SweetIM, C:\Windows\Installer\20f1b23.msi, , [f16d95d42c506ccad09b0f9a8085639d],
PUP.Optional.SweetIM, C:\Windows\Installer\20f1b29.msi, , [9dc1beab0e6e02345d0e179238cda060],
PUP.Optional.SweetIM, C:\Windows\Installer\20f1b2f.msi, , [4b13f97088f4cf675a11a306f70e48b8],
RiskWare.Tool.CK, D:\Sayka\Sasi-zaloha NB\CorelDRAWGraphicsSuiteX5_CZ\Keygen.exe, , [5707c5a4d9a3ac8a7db860ec33cf44bc],
RiskWare.Tool.CK, D:\Sayka\Veci do A!koly\Google_SketchUp_Pro_8.0.3117_Portable_V-Ray_1.48.89\Google_SketchUp_Pro_8.0.3117_Portable_V-Ray_1.48.89\keygen.exe, , [98c66801c1bb80b6c69cdf890df539c7],
RiskWare.Tool.CK, D:\CorelDRAWGraphicsSuiteX5_CZ\Keygen.exe, , [94ca24451e5e51e564d1d87418ea03fd],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\ChangeLog, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\ChangeLog.br, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\COPYING, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\mingwm10.dll, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\README, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\README.br, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\TODO, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\unins000.dat, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\unins000.exe, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\wxDFast.exe, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\wxdfast.ico, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\wxDFast.url, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\cs\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\cs\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\de\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\de\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\es\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\es\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\fr\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\fr\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\hu\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\hu\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\id\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\id\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\nl\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\nl\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\pl\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\pl\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\pt_BR\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\pt_BR\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\ru\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\ru\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\tr\wxDFast.mo, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\languages\tr\wxDFast.po, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\icon\wxdfast.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\logo\about.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\about.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\completed.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\copydata.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\copyurl.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\details.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\downloading.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\error.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\find.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\graph.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\help.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\new.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\options.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\pasteurl.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\pause.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\progressbar.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\properties.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\quit.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\remove.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\schedule.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\scheduled.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\start.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\startall.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\stop.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\menubar\stopall.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_info.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_move_down.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_move_up.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_new.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_remove.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_schedule.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_start.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_start_all.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_stop.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\Program Files (x86)\wxDownload Fast\resources\RipStop\toolbar\download_stop_all.png, , [b0aea0c9522a25110f76a39d07fcdd23],
PUP.Optional.WXDownload.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\Uninstall wxDownload Fast.lnk, , [35293d2c106c43f3c3c444fc07fcad53],
PUP.Optional.WXDownload.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\wxDownload Fast on the Web.lnk, , [35293d2c106c43f3c3c444fc07fcad53],
PUP.Optional.WXDownload.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\wxDownload Fast.lnk, , [35293d2c106c43f3c3c444fc07fcad53],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\0.ini, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\20120307214241.log, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.dat, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.exe, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.ico, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\TsuDll.dll, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\_Setup.dll, , [49153e2b502cc57123ef50ff798a7090],
PUP.Optional.Installmate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\_Setupx.dll, , [49153e2b502cc57123ef50ff798a7090],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: nejde nainstalovat antivirus

Napsal: 31 pro 2014 18:00
od Rudy
Vše, co MBAM nalezl, smažte.

Re: nejde nainstalovat antivirus

Napsal: 31 pro 2014 19:51
od PeterZ
vse sem zmazal, po restartu skusil nainstalovat antivir Eset Endpoint Security a windows hned na zacatku instalace zmrznul, on zmrzne take pri pokusu o windows aktualizaci

Re: nejde nainstalovat antivirus

Napsal: 31 pro 2014 20:01
od Rudy
Co jste instaloval těsně před tím, než se problém objevil?

Re: nejde nainstalovat antivirus

Napsal: 31 pro 2014 20:20
od PeterZ
dnes a vcera jsem instaloval jen to co ste rikal, pokud myslite na prvotni pricinu tak segra tam stahovala nejaky warez z ulozto s keygenmi, co presne to uz nevi.
V ovladacim panelu medzi nainstalovanymi programami v prosinci vidim jen bezne programy: ccleaner, firefox, a adobe flash player plugin a adobe flash player activex
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz