Please check my log, Win XP
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will threads that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use our remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
After startup the disk thrashes for a long time. Thanks for any advice.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2014-10-22 16:48:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 88 GB (29%) free of 305 GB
Total RAM: 3071 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:48:33, on 22.10.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\PrintSuperVision\www\bin\PSVEngine.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\PrintDisp.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Honza\Data aplikací\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Honza\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\WINDOWS\TEMP\E_S45.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Honza\Data aplikací\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9560221859
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9560480406
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: PrintSuperVision Engine - Oki Data Americas, Inc. - C:\Program Files\PrintSuperVision\www\bin\PSVEngine.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 6578 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HONZA-80FD6E09E-Honza.job - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe -mode=scheduled
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\SmartDefrag_Startup.job - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe /STARTUP
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\w9ybq5qh.default-1402339587234
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - ""
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\w9ybq5qh.default-1402339587234\searchplugins\
avg-secure-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-20 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-20 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"PrintDisp"=C:\WINDOWS\system32\PrintDisp.exe [2011-02-19 826368]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2014-10-16 3649040]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-01-31 15517472]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2013-01-31 108832]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON Stylus SX400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]
"uTorrent"=C:\Documents and Settings\Honza\Data aplikací\uTorrent\uTorrent.exe [2014-04-14 398760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe /preload []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\rthdcpl.exe [2011-10-14 20064872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
c:\documents and settings\honza\data aplikací\utorrent\utorrent.exe [2014-04-14 398760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BDARemote.lnk]
C:\PROGRA~1\USBTV~1\EM28XX\BDAREM~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LiveUpdateSvc"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RailNotification]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2010-01-14 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-01-14 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.7"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Documents and Settings\Honza\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Honza\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\PrintSuperVision\setup\PSVconf.exe"="C:\Program Files\PrintSuperVision\setup\PSVconf.exe:*:Enabled:Setup"
"C:\Program Files\Battle.net\Battle.net.exe"="C:\Program Files\Battle.net\Battle.net.exe:*:Enabled:Battle.net"
"C:\Program Files\Diablo III\Diablo III.exe"="C:\Program Files\Diablo III\Diablo III.exe:*:Enabled:Diablo III"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2880\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2880\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\Tom Clancys Splinter Cell Conviction\src\system\Conviction_game.exe"="C:\Program Files\Tom Clancys Splinter Cell Conviction\src\system\Conviction_game.exe:*:Disabled:Conviction_game"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3109\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3109\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3182\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3182\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\The Vanishing of Ethan Carter\Binaries\Win32\AstronautsGame-Win32-Shipping.exe"="C:\Program Files\The Vanishing of Ethan Carter\Binaries\Win32\AstronautsGame-Win32-Shipping.exe:*:Enabled:AstronautsGame-Win32-Shipping"
"C:\Hry\Mass Effect 3\Binaries\Win32\MassEffect3.exe"="C:\Hry\Mass Effect 3\Binaries\Win32\MassEffect3.exe:*:Disabled:Mass Effect(TM) 3"
"C:\Program Files\Apowersoft\Video Download Capture\Video Download Capture.exe"="C:\Program Files\Apowersoft\Video Download Capture\Video Download Capture.exe:*:Enabled:Video Download Capture"
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftSrv.dll"="C:\Program Files\Apowersoft\Video Download Capture\ApowersoftSrv.dll:*:Enabled:Video Download Capture"
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftDump.dll"="C:\Program Files\Apowersoft\Video Download Capture\ApowersoftDump.dll:*:Enabled:Video Download Capture"
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftAC.dll"="C:\Program Files\Apowersoft\Video Download Capture\ApowersoftAC.dll:*:Enabled:Video Download Capture"
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftPlayer.dll"="C:\Program Files\Apowersoft\Video Download Capture\ApowersoftPlayer.dll:*:Enabled:Video Download Capture"
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll"="C:\Program Files\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll:*:Enabled:Video Download Capture"
"C:\Program Files\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll"="C:\Program Files\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll:*:Enabled:Video Download Capture"
"C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe"="C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe:*:Disabled:BugReport"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3286\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3286\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\AVG\AVG2015\avgnsx.exe"="C:\Program Files\AVG\AVG2015\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2015\avgdiagex.exe"="C:\Program Files\AVG\AVG2015\avgdiagex.exe:*:Enabled:AVG Diagnostika 2015"
"C:\Program Files\AVG\AVG2015\avgmfapx.exe"="C:\Program Files\AVG\AVG2015\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2015\avgemcx.exe"="C:\Program Files\AVG\AVG2015\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3478\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3478\Agent.exe:*:Enabled:Battle.net Update Agent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
======List of files/folders created in the last 1 month======
2014-10-22 16:48:25 ----D---- C:\Program Files\trend micro
2014-10-22 16:48:24 ----D---- C:\rsit
2014-10-22 16:35:29 ----D---- C:\WINDOWS\LastGood
2014-10-22 16:29:49 ----SHD---- C:\Config.Msi
2014-10-22 16:29:21 ----D---- C:\Program Files\MSI Afterburner
2014-10-22 16:28:27 ----D---- C:\Program Files\CCleaner
2014-10-22 16:12:03 ----A---- C:\WINDOWS\system32\nvrszht.dll
2014-10-22 16:12:03 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2014-10-22 16:12:03 ----A---- C:\WINDOWS\system32\nvrstr.dll
2014-10-22 16:12:03 ----A---- C:\WINDOWS\system32\nvrsth.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrssv.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrssl.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrssk.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsru.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrspt.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrspl.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsno.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsko.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsja.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsit.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrshu.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrshe.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrses.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrseng.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsel.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsde.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsda.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrscs.dll
2014-10-22 16:12:02 ----A---- C:\WINDOWS\system32\nvrsar.dll
2014-10-22 16:12:01 ----A---- C:\WINDOWS\system32\nvmctray.dll
2014-10-22 16:12:01 ----A---- C:\WINDOWS\system32\nvcpl.dll
2014-10-22 16:12:01 ----A---- C:\WINDOWS\system32\nvcolor.exe
2014-10-22 16:11:58 ----A---- C:\WINDOWS\system32\nvwddi.dll
2014-10-22 16:11:08 ----A---- C:\WINDOWS\system32\nvopencl.dll
2014-10-22 16:11:08 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2014-10-22 16:11:08 ----A---- C:\WINDOWS\system32\nvdispgenco32.dll
2014-10-22 16:11:07 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2014-10-22 16:11:07 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2014-10-22 16:11:07 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2014-10-22 16:11:07 ----A---- C:\WINDOWS\system32\nvcuda.dll
2014-10-22 16:11:05 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2014-10-22 16:11:05 ----A---- C:\WINDOWS\system32\nvapi.dll
2014-10-22 16:11:05 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2014-10-22 16:11:05 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2014-10-22 16:02:37 ----D---- C:\Documents and Settings\Honza\Data aplikací\AVG2015
2014-10-22 15:58:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2015
2014-10-21 16:36:49 ----A---- C:\WINDOWS\WININIT.INI
2014-10-20 08:41:54 ----D---- C:\Documents and Settings\Honza\Data aplikací\Oracle
2014-10-20 08:41:27 ----D---- C:\Program Files\Common Files\Java
2014-10-20 08:41:12 ----A---- C:\WINDOWS\system32\javaws.exe
2014-10-20 08:41:01 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-10-20 08:41:01 ----A---- C:\WINDOWS\system32\javaw.exe
2014-10-20 08:41:01 ----A---- C:\WINDOWS\system32\java.exe
2014-10-20 08:40:36 ----D---- C:\Program Files\Java
2014-10-17 21:55:29 ----D---- C:\Program Files\CPUID
2014-10-17 21:54:31 ----D---- C:\Program Files\Core Temp
2014-10-16 09:23:07 ----A---- C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys
2014-10-15 19:07:18 ----D---- C:\Documents and Settings\Honza\Data aplikací\SMIGames
2014-10-15 19:04:29 ----D---- C:\Documents and Settings\Honza\Data aplikací\spidla
2014-10-15 18:57:59 ----D---- C:\Program Files\Mozilla Firefox
2014-10-14 18:40:06 ----D---- C:\Documents and Settings\Honza\Data aplikací\SpinTires
2014-10-11 16:35:26 ----D---- C:\Documents and Settings\Honza\Data aplikací\Spidla Data Processing, s.r.o
2014-10-11 16:35:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spidla Data Processing, s.r.o
2014-10-10 20:10:51 ----HD---- C:\Program Files\Common Files\EAInstaller
2014-10-08 20:54:28 ----D---- C:\Documents and Settings\Honza\Data aplikací\Origin
2014-10-08 20:53:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Origin
2014-10-06 16:33:51 ----D---- C:\Documents and Settings\Honza\Data aplikací\Steam
2014-09-30 20:19:43 ----HD---- C:\WINDOWS\msdownld.tmp
2014-09-30 15:49:44 ----A---- C:\WINDOWS\iun6002.exe
2014-09-30 15:48:05 ----D---- C:\Program Files\WYSIWYG Web Builder 9
2014-09-30 13:34:10 ----D---- C:\Documents and Settings\Honza\Data aplikací\com.adobe.CasterFm.CasterFmApp
2014-09-30 13:34:09 ----D---- C:\Documents and Settings\Honza\Data aplikací\com.adobe.CasterFm.CasterFmApp.66540AD4D45DB36F10B0AB3E375EE887A2B47629.1
2014-09-30 13:33:55 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-09-30 13:33:53 ----D---- C:\Program Files\Caster.Fm
2014-09-25 13:07:53 ----A---- C:\WINDOWS\BlendSettings.ini
======List of files/folders modified in the last 1 month======
2014-10-22 16:48:25 ----RD---- C:\Program Files
2014-10-22 16:48:10 ----D---- C:\Documents and Settings\Honza\Data aplikací\uTorrent
2014-10-22 16:43:59 ----D---- C:\WINDOWS\Temp
2014-10-22 16:42:51 ----D---- C:\Program Files\The KMPlayer
2014-10-22 16:35:30 ----D---- C:\WINDOWS\system32\ShellExt
2014-10-22 16:35:29 ----D---- C:\WINDOWS
2014-10-22 16:32:34 ----D---- C:\Documents and Settings\Honza\Data aplikací\TeamViewer
2014-10-22 16:32:33 ----D---- C:\Documents and Settings\Honza\Data aplikací\DAEMON Tools Lite
2014-10-22 16:31:41 ----D---- C:\WINDOWS\Minidump
2014-10-22 16:31:41 ----D---- C:\WINDOWS\Logs
2014-10-22 16:31:41 ----D---- C:\WINDOWS\Debug
2014-10-22 16:29:53 ----SHD---- C:\WINDOWS\Installer
2014-10-22 16:26:05 ----SD---- C:\WINDOWS\Tasks
2014-10-22 16:14:38 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-22 16:14:28 ----HD---- C:\WINDOWS\inf
2014-10-22 16:13:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-10-22 16:12:03 ----D---- C:\WINDOWS\system32
2014-10-22 16:12:03 ----D---- C:\WINDOWS\Help
2014-10-22 16:11:57 ----D---- C:\Program Files\NVIDIA Corporation
2014-10-22 16:11:23 ----D---- C:\WINDOWS\Prefetch
2014-10-22 16:11:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-10-22 16:11:13 ----D---- C:\WINDOWS\system32\drivers
2014-10-22 16:06:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-10-22 16:02:12 ----HD---- C:\$AVG
2014-10-22 15:57:46 ----D---- C:\Program Files\AVG
2014-10-22 14:37:15 ----D---- C:\Program Files\VideoLAN
2014-10-22 14:36:51 ----D---- C:\Program Files\PolarEditOctagon1018
2014-10-22 14:35:35 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2014-10-22 14:35:11 ----D---- C:\Documents and Settings\Honza\Data aplikací\Mozilla
2014-10-22 14:33:57 ----D---- C:\Program Files\MyFree Codec
2014-10-22 14:33:38 ----D---- C:\Program Files\PC Connectivity Solution
2014-10-22 14:33:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-10-22 14:29:58 ----HD---- C:\Program Files\InstallShield Installation Information
2014-10-22 14:18:09 ----RSD---- C:\WINDOWS\assembly
2014-10-22 14:18:08 ----D---- C:\WINDOWS\WinSxS
2014-10-22 13:48:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-21 17:24:37 ----D---- C:\WINDOWS\system32\config
2014-10-21 16:45:35 ----RASH---- C:\boot.ini
2014-10-21 16:45:35 ----A---- C:\WINDOWS\win.ini
2014-10-21 16:45:35 ----A---- C:\WINDOWS\system.ini
2014-10-21 16:45:34 ----D---- C:\WINDOWS\pss
2014-10-21 16:36:44 ----SD---- C:\Documents and Settings\Honza\Data aplikací\Microsoft
2014-10-21 16:36:41 ----D---- C:\Program Files\Common Files
2014-10-16 10:25:32 ----D---- C:\WINDOWS\system32\DirectX
2014-10-16 06:57:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-15 22:27:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-10-15 22:26:26 ----D---- C:\WINDOWS\system32\MRT
2014-10-15 22:22:24 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-04 06:59:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2014-09-30 13:34:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2014-09-30 13:33:58 ----D---- C:\Program Files\Adobe
2014-09-29 06:45:53 ----D---- C:\Program Files\MarkAny
2014-09-28 17:15:18 ----D---- C:\Documents and Settings\Honza\Data aplikací\Samsung
2014-09-28 17:12:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2014-09-25 11:02:47 ----D---- C:\Program Files\GOG.com
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-18 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-10-05 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-01-14 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-10-07 198936]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-01-14 62848]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-10-18 6439528]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2010-01-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-01-31 12648960]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-08-24 323816]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2010-01-14 9472]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [2014-04-09 26032]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys []
S3 catchme;catchme; C:\WINDOWS\system32\drivers\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2014-04-30 20032]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; C:\WINDOWS\system32\drivers\MSI_MSIBIOS_010507.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; C:\WINDOWS\system32\drivers\NTIOLib_1_0_4.sys []
S3 Ser2pl;Prolific Serial port WDMdriver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2010-01-14 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-01-14 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2010-01-14 133632]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2014-10-16 3487248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2014-10-16 298080]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2013-10-30 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-10-20 182696]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-01-31 156448]
R2 Printer Control;Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [2009-10-28 65536]
R2 PrintSuperVision Engine;PrintSuperVision Engine; C:\Program Files\PrintSuperVision\www\bin\PSVEngine.exe [2014-01-17 57344]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-15 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-01-14 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe []
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
2014-09-30 13:34:10 ----D---- C:\Documents and Settings\Honza\Data aplikací\com.adobe.CasterFm.CasterFmApp
2014-09-30 13:34:09 ----D---- C:\Documents and Settings\Honza\Data aplikací\com.adobe.CasterFm.CasterFmApp.66540AD4D45DB36F10B0AB3E375EE887A2B47629.1
2014-09-30 13:33:55 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-09-30 13:33:53 ----D---- C:\Program Files\Caster.Fm
2014-09-25 13:07:53 ----A---- C:\WINDOWS\BlendSettings.ini
======List of files/folders modified in the last 1 month======
2014-10-22 16:48:25 ----RD---- C:\Program Files
2014-10-22 16:48:10 ----D---- C:\Documents and Settings\Honza\Data aplikací\uTorrent
2014-10-22 16:43:59 ----D---- C:\WINDOWS\Temp
2014-10-22 16:42:51 ----D---- C:\Program Files\The KMPlayer
2014-10-22 16:35:30 ----D---- C:\WINDOWS\system32\ShellExt
2014-10-22 16:35:29 ----D---- C:\WINDOWS
2014-10-22 16:32:34 ----D---- C:\Documents and Settings\Honza\Data aplikací\TeamViewer
2014-10-22 16:32:33 ----D---- C:\Documents and Settings\Honza\Data aplikací\DAEMON Tools Lite
2014-10-22 16:31:41 ----D---- C:\WINDOWS\Minidump
2014-10-22 16:31:41 ----D---- C:\WINDOWS\Logs
2014-10-22 16:31:41 ----D---- C:\WINDOWS\Debug
2014-10-22 16:29:53 ----SHD---- C:\WINDOWS\Installer
2014-10-22 16:26:05 ----SD---- C:\WINDOWS\Tasks
2014-10-22 16:14:38 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-22 16:14:28 ----HD---- C:\WINDOWS\inf
2014-10-22 16:13:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-10-22 16:12:03 ----D---- C:\WINDOWS\system32
2014-10-22 16:12:03 ----D---- C:\WINDOWS\Help
2014-10-22 16:11:57 ----D---- C:\Program Files\NVIDIA Corporation
2014-10-22 16:11:23 ----D---- C:\WINDOWS\Prefetch
2014-10-22 16:11:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-10-22 16:11:13 ----D---- C:\WINDOWS\system32\drivers
2014-10-22 16:06:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-10-22 16:02:12 ----HD---- C:\$AVG
2014-10-22 15:57:46 ----D---- C:\Program Files\AVG
2014-10-22 14:37:15 ----D---- C:\Program Files\VideoLAN
2014-10-22 14:36:51 ----D---- C:\Program Files\PolarEditOctagon1018
2014-10-22 14:35:35 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2014-10-22 14:35:11 ----D---- C:\Documents and Settings\Honza\Data aplikací\Mozilla
2014-10-22 14:33:57 ----D---- C:\Program Files\MyFree Codec
2014-10-22 14:33:38 ----D---- C:\Program Files\PC Connectivity Solution
2014-10-22 14:33:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-10-22 14:29:58 ----HD---- C:\Program Files\InstallShield Installation Information
2014-10-22 14:18:09 ----RSD---- C:\WINDOWS\assembly
2014-10-22 14:18:08 ----D---- C:\WINDOWS\WinSxS
2014-10-22 13:48:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-21 17:24:37 ----D---- C:\WINDOWS\system32\config
2014-10-21 16:45:35 ----RASH---- C:\boot.ini
2014-10-21 16:45:35 ----A---- C:\WINDOWS\win.ini
2014-10-21 16:45:35 ----A---- C:\WINDOWS\system.ini
2014-10-21 16:45:34 ----D---- C:\WINDOWS\pss
2014-10-21 16:36:44 ----SD---- C:\Documents and Settings\Honza\Data aplikací\Microsoft
2014-10-21 16:36:41 ----D---- C:\Program Files\Common Files
2014-10-16 10:25:32 ----D---- C:\WINDOWS\system32\DirectX
2014-10-16 06:57:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-15 22:27:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-10-15 22:26:26 ----D---- C:\WINDOWS\system32\MRT
2014-10-15 22:22:24 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-04 06:59:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2014-09-30 13:34:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2014-09-30 13:33:58 ----D---- C:\Program Files\Adobe
2014-09-29 06:45:53 ----D---- C:\Program Files\MarkAny
2014-09-28 17:15:18 ----D---- C:\Documents and Settings\Honza\Data aplikací\Samsung
2014-09-28 17:12:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2014-09-25 11:02:47 ----D---- C:\Program Files\GOG.com
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-18 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-10-05 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-01-14 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-10-07 198936]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-01-14 62848]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-10-18 6439528]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2010-01-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-01-31 12648960]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-08-24 323816]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2010-01-14 9472]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [2014-04-09 26032]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys []
S3 catchme;catchme; C:\WINDOWS\system32\drivers\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2014-04-30 20032]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; C:\WINDOWS\system32\drivers\MSI_MSIBIOS_010507.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; C:\WINDOWS\system32\drivers\NTIOLib_1_0_4.sys []
S3 Ser2pl;Prolific Serial port WDMdriver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2010-01-14 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-01-14 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2010-01-14 133632]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2014-10-16 3487248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2014-10-16 298080]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2013-10-30 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-10-20 182696]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-01-31 156448]
R2 Printer Control;Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [2009-10-28 65536]
R2 PrintSuperVision Engine;PrintSuperVision Engine; C:\Program Files\PrintSuperVision\www\bin\PSVEngine.exe [2014-01-17 57344]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-15 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-01-14 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe []
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- cernohous13
- VIP in memoriam
- Posts: 8721
- Registered: 09 Dec 2006 06:19
- Location: Jablonec nad Nisou
Re: Please check my Win XP log
Hello, to begin with we need to clear something up
- are you Ervin?
- are you Honza?
- are you serviceman?
- will you finish the thread? (not like with Rudy a month ago)
Recommendation:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole operation according to it.
If anything is unclear, ask - I will explain.
-------------------------------------------------------------------------------------------------
> Forum support <
Re: Please check my Win XP log
Hi, I'm Honza. Ervin is a friend who sorted the problem out himself. He bought an SSD and formatted everything around it.
I'm very sorry I didn't write that. This is my father's computer - the name on it is mine because I was the one who installed Windows.
Sorry once again; once he said he had sorted it out, I simply stopped thinking about it.
- cernohous13
Re: Please check my Win XP log
OK, no problem
Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Save it to the desktop and run it - the license terms will be displayed -> start by pressing any key.
A backup will be created and the scan will run.
A log will pop up (or it is saved in c:\JRT as JRT.txt) - copy it here
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it, preferably to the desktop -> close all programs -> run AdwCleaner -> click Scan and, when it finishes, Clean
the fix will be carried out, the PC restarts (restart it yourself if necessary) and the log C:\AdwCleaner\AdwCleaner[S?].txt comes up; paste its contents here
you will probably have to turn off the antivirus for that moment - it is clean, verified
How big is the directory C:\Documents and Settings\Honza\Plocha ?
vyosek wrote:
Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
The log will be here: C:\zoek-results.log
- After launching it, paste the script below into the window
Code:
srinfo; autoclean; emptyclsid; iedefaults; process; hijackthis; emptyalltemp; resethosts;
- Then click Run Script
- The PC will carry out the fix, restart and give you a log; paste its contents here
Re: Please check my Win XP log
Sending the logs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Microsoft Windows XP x86
Ran by Honza on pá 24.10.2014 at 17:23:57,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
~~~ Files
Successfully deleted: [File] "C:\WINDOWS\wininit.ini"
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\Honza\Data aplikací\similarsites"
Successfully deleted: [Folder] "C:\Documents and Settings\Honza\Data aplikací\systweak"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\Honza\Data aplikací\mozilla\firefox\profiles\w9ybq5qh.default-1402339587234\searchplugins\avg-secure-search.xml
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pá 24.10.2014 at 17:27:20,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v4.001 - Report created 24/10/2014 at 17:30:52
# DB v
# Updated 20/10/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Honza - HONZA-80FD6E09E
# Running from : C:\Documents and Settings\Honza\Dokumenty\Stažené soubory\adwcleaner_4.001.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
Folder Deleted : C:\Documents and Settings\Honza\Local Settings\Data aplikací\AlawarWrapper
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\WINDOWS\system32\muzapp.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\THQ\Company of Heroes\BugReport\BugReport.exe]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\systweak
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v33.0 (x86 cs)
*************************
AdwCleaner[R0].txt - [2396 octets] - [24/10/2014 17:29:31]
AdwCleaner[S0].txt - [2352 octets] - [24/10/2014 17:30:52]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2412 octets] ##########
Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by Honza on pá 24.10.2014 at 17:35:47,28.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Honza\Plocha\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
24.10.2014 17:37:18 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully
==== Running Processes ======================
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\PrintSuperVision\www\bin\PSVEngine.exe
C:\WINDOWS\system32\PrintDisp.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Honza\Plocha\zoek.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted
C:\Program Files\ComPlus Applications deleted
C:\Documents and Settings\Honza\Data aplikací\temp.ini deleted
C:\Documents and Settings\Honza\Data aplikací\AlawarEntertainment deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ProductData deleted
C:\WINDOWS\system32\GroupPolicy\Adm deleted
======== System Restore Points ========
RP359: 26.7.2014 9:49:46 - Kontrolní bod systému
RP360: 29.7.2014 9:53:26 - Kontrolní bod systému
RP361: 3.8.2014 19:11:36 - Kontrolní bod systému
RP362: 5.8.2014 8:56:53 - Removed Java 7 Update 65
RP363: 5.8.2014 20:09:26 - Nainstalováno: NVIDIA PhysX
RP364: 8.8.2014 21:18:04 - Nainstalováno AVG 2014
RP365: 10.8.2014 14:13:11 - Kontrolní bod systému
RP366: 11.8.2014 18:43:08 - Kontrolní bod systému
RP367: 13.8.2014 12:56:49 - Kontrolní bod systému
RP368: 13.8.2014 13:10:51 - Software Distribution Service 3.0
RP369: 14.8.2014 18:29:39 - Kontrolní bod systému
RP370: 16.8.2014 10:04:57 - Kontrolní bod systému
RP371: 18.8.2014 11:47:56 - Kontrolní bod systému
RP372: 19.8.2014 12:09:23 - Installed Samsung Kies
RP373: 19.8.2014 12:14:36 - Installed Samsung Kies
RP374: 20.8.2014 17:44:24 - Kontrolní bod systému
RP375: 21.8.2014 12:03:21 - Installed GTA San Andreas
RP376: 22.8.2014 17:51:09 - Kontrolní bod systému
RP377: 25.8.2014 18:01:28 - Kontrolní bod systému
RP378: 27.8.2014 8:21:47 - Kontrolní bod systému
RP379: 28.8.2014 14:58:23 - Kontrolní bod systému
RP380: 30.8.2014 12:16:29 - Kontrolní bod systému
RP381: 30.8.2014 21:43:44 - Installed Medal of Honor Allied Assault
RP382: 30.8.2014 21:49:52 - Removed Medal of Honor Allied Assault UK & US 1.11 Patch
RP383: 30.8.2014 21:50:08 - Installed Medal of Honor Allied Assault(tm) Spearhead
RP384: 31.8.2014 8:48:39 - Removed Medal of Honor Allied Assault
RP385: 31.8.2014 8:49:59 - Removed Medal of Honor Allied Assault(tm) Spearhead
RP386: 31.8.2014 8:50:16 - Removed Medal of Honor Allied Assault(tm) Spearhead
RP387: 1.9.2014 18:16:57 - Kontrolní bod systému
RP388: 5.9.2014 10:11:00 - Kontrolní bod systému
RP389: 6.9.2014 12:55:43 - Kontrolní bod systému
RP390: 6.9.2014 18:39:53 - Instalováno Vietcong & Vietcong: Fist Alpha
RP391: 6.9.2014 21:06:11 - Odstraněno Vietcong & Vietcong: Fist Alpha
RP392: 10.9.2014 16:34:23 - Kontrolní bod systému
RP393: 12.9.2014 6:34:50 - Software Distribution Service 3.0
RP394: 13.9.2014 18:26:22 - Removed GTA San Andreas
RP395: 13.9.2014 18:29:05 - Odebráno: Nokia Connectivity Cable Driver
RP396: 13.9.2014 20:02:29 - Installed Video Edit Master
RP397: 13.9.2014 20:19:04 - Removed Video Edit Master
RP398: 15.9.2014 17:30:16 - Kontrolní bod systému
RP399: 17.9.2014 18:54:03 - Kontrolní bod systému
RP400: 20.9.2014 20:55:59 - Kontrolní bod systému
RP401: 22.9.2014 15:14:06 - Kontrolní bod systému
RP402: 23.9.2014 17:38:49 - Kontrolní bod systému
RP403: 25.9.2014 11:47:26 - Kontrolní bod systému
RP404: 25.9.2014 12:22:44 - Installed Oblivion
RP405: 25.9.2014 12:22:56 - Ovladače rozhraní DirectX
RP406: 28.9.2014 17:07:32 - Removed Samsung Kies
RP407: 29.9.2014 17:53:26 - Kontrolní bod systému
RP408: 30.9.2014 15:43:58 - Removed Oblivion
RP409: 30.9.2014 15:51:10 - Removed The Settlers 7 - Paths to a Kingdom
RP410: 2.10.2014 15:21:18 - Kontrolní bod systému
RP411: 4.10.2014 8:36:10 - Kontrolní bod systému
RP412: 5.10.2014 15:49:09 - Kontrolní bod systému
RP413: 5.10.2014 19:46:09 - Removed O&O Defrag Professional
RP414: 7.10.2014 18:56:18 - Kontrolní bod systému
RP415: 9.10.2014 17:45:21 - Kontrolní bod systému
RP416: 10.10.2014 18:46:38 - Kontrolní bod systému
RP417: 10.10.2014 20:08:58 - Nainstalováno rozhraní DirectX
RP418: 13.10.2014 8:28:02 - Kontrolní bod systému
RP419: 15.10.2014 18:03:49 - Kontrolní bod systému
RP420: 15.10.2014 22:22:17 - Software Distribution Service 3.0
RP421: 16.10.2014 10:24:36 - Installed Company of Heroes.
RP422: 17.10.2014 10:59:20 - Kontrolní bod systému
RP423: 18.10.2014 14:30:55 - Kontrolní bod systému
RP424: 20.10.2014 8:39:56 - Removed Java 7 Update 67
RP425: 21.10.2014 10:38:41 - Instalováno USB Video Driver
RP426: 21.10.2014 10:38:58 - Installed ATI AVIVO Codecs
RP427: 21.10.2014 16:36:38 - Removed ATI AVIVO Codecs
RP428: 21.10.2014 16:47:39 - Instalováno ATI Catalyst Control Center
RP429: 22.10.2014 14:17:23 - Odstraněno ATI Catalyst Control Center
RP430: 22.10.2014 14:23:49 - Removed Company of Heroes.
RP431: 22.10.2014 14:26:13 - Odstraněno USB Video Driver
RP432: 22.10.2014 14:26:33 - Removed Visual Studio 2012 x86 Redistributables
RP433: 22.10.2014 14:29:03 - Odstraněno Zaklínač rozšířená edice
RP434: 22.10.2014 14:29:56 - Removed Ubisoft Game Launcher
RP435: 22.10.2014 14:32:36 - Removed PL-2303 USB-to-Serial
RP436: 22.10.2014 14:33:33 - Odebráno: PC Connectivity Solution
RP437: 22.10.2014 14:35:09 - Removed Google Talk Plugin
RP438: 22.10.2014 14:37:35 - Removed Steam
RP439: 22.10.2014 15:57:44 - Nainstalováno AVG 2015
RP440: 22.10.2014 15:58:24 - Nainstalováno AVG 2015
RP441: 23.10.2014 19:10:44 - Kontrolní bod systému
RP442: 24.10.2014 17:37:18 - zoek.exe restore point
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [01.12.2011 15:16]
==== Firefox Extensions ======================
ProfilePath: C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\w9ybq5qh.default-1402339587234
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\w9ybq5qh.default-1402339587234
40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update
BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14
DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
F51ECBBA611C75E47578295D5241630F - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
D654525C0902C21118AD29217E4ECB49 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
7E54D1EC87CE306CB1A26CE59AFE6E37 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
D33D39A318AEA70691CED7530E2D9DF9 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
CFBC726A1712BD8DC9914EA06DBCE20B - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{A3B40F55-E4A1-4869-838D-10854012B54E} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray deleted successfully
==== HijackThis Entries ======================
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\WINDOWS\TEMP\E_S45.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Honza\Data aplikací\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9560221859
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9560480406
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: PrintSuperVision Engine - Oki Data Americas, Inc. - C:\Program Files\PrintSuperVision\www\bin\PSVEngine.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==== Empty IE Cache ======================
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Honza\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=83 folders=35 25329837 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\Honza\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Honza\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\Honza\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on pá 24.10.2014 at 17:48:31,70 ======================
The Desktop folder is 36.3 GB - 107 thousand folders
- cernohous13
- VIP in memoriam
- Posts: 8721
- Registered: 09 Dec 2006 06:19
- Location: Jablonec nad Nisou
Re: Please check my Win XP log
Desktop - I recommend creating a new folder outside the desktop and moving everything there except the shortcuts;
leave only shortcuts to the moved files on the desktop.
It slows down startup because those 36G have to be loaded at startup.
Download and install MBAM here http://www.bleepingcomputer.com/downloa ... re/dl/241/ version 1.75
During the update it will first offer to install a new version - click Cancel ("Storno") - only the database will be updated.
After installation, run it -> on the 1st tab "Kontrolor" (Scanner) -> "Úplná kontrola" (Full scan) -> "Prohledat" (Scan)
When the scan finishes, a Notepad window with the result pops up - copy its contents into your reply.
Do not delete anything yet - wait for the assessment and do not close the program.
Recommendation:
During the treatment, install and uninstall software only on my instruction.
Carefully study and carry out the whole procedure according to my reply.
If anything is unclear, ask - I will explain.
-------------------------------------------------------------------------------------------------
> Forum support <
Re: Please check my Win XP log
Hello,
I cleaned up the desktop - it is currently 233 kB
Here is the log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.10.25.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Honza :: HONZA-80FD6E09E [administrátor]
25.10.2014 18:59:07
MBAM-log-2014-10-25 (20-06-45).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 391712
Uplynulý čas: 1 hodin, 6 minut, 18 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Špatný: (0) Dobrý: (1) -> Nebyla provedena žádná instrukce.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 3
C:\System Volume Information\_restore{BE9FCB7D-B58A-4C26-BF6D-4D9C239B432E}\RP397\A0229117.exe (HackTool.GamesCheat.Gen) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{BE9FCB7D-B58A-4C26-BF6D-4D9C239B432E}\RP443\A0255904.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{BE9FCB7D-B58A-4C26-BF6D-4D9C239B432E}\RP443\A0256506.exe (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
(konec)
- cernohous13
- VIP in memoriam
- Posts: 8721
- Registered: 09 Dec 2006 06:19
- Location: Jablonec nad Nisou
Re: Please check my Win XP log
In MBAM, have everything removed and then uninstall it http://downloads.malwarebytes.org/file/mbam_clean
What is the current state of the PC?
Re: Please check my Win XP log
The PC runs like clockwork. Cleaning up the desktop helped enormously.
Thanks a lot for everything.
- cernohous13
- VIP in memoriam
- Posts: 8721
- Registered: 09 Dec 2006 06:19
- Location: Jablonec nad Nisou
Re: Please check my Win XP log
So, one more thing: the cleanup
Download and run T-cleaner http://tharifas.sweb.cz/T-Cleaner.exe
or http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- it cleans up after the cleaning tools that were used.
After launching it, ignore any antivirus warning - it is fine
After it has run, delete T-cleaner
Download TempFolderCleaner http://oldtimer.geekstogo.com/TFC.exe
Close all programs and run it. When it finishes, the PC will be restarted.
If not, restart it yourself.
(it cleans the Temp folders; it does not clean URLs, history, prefetch or cookies)
I can recommend a check and cleanup with CCleaner
You can keep it for occasional cleaning in the future. Download CCleaner - http://www.filehippo.com/download_ccleaner
During installation, untick the offered toolbars
You can set the language you need
close the web browser and
run "Cleaner" > "Run Cleaner" - removes what is not needed
run "Registry" > "Scan for Issues" > "Fix selected issues"
agree to the registry backup - repeat until the registry is clean.
run "Tools" > "Startup" - here you can try disabling processes you do not need at startup (if something stops working afterwards, you re-enable them the same way)
Guide: http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx
After the cleanup, a defragmentation would be useful
http://www.filehippo.com/download_defraggler
And if there are no problems, we are done
And you're welcome - we'll be here next time too
Re: Please check my Win XP log
Hello, I have one more question about CCleaner: which processes can I disable?
I'm sending links to screenshots. I don't know what needs to be kept and what isn't important. E.g. the IE tab - I don't use IE, so can I disable it entirely?
http://www.nahraj-obrazek.cz/?di=1141443261010
http://www.nahraj-obrazek.cz/?di=1514144326119
http://www.nahraj-obrazek.cz/?di=3141443261211
http://www.nahraj-obrazek.cz/?di=4141443261312
http://www.nahraj-obrazek.cz/?di=1014144326135
Thanks for the info
- cernohous13
- VIP in memoriam
- Posts: 8721
- Registered: 09 Dec 2006 06:19
- Location: Jablonec nad Nisou
Re: Please check my Win XP log
So try disabling the following;
restoring them afterwards is simple
Scheduled Tasks - everything
Windows - uTorrent, Adobe ARM, KernelFaultCheck, NvCplDaemon, SunJavaUpdateSched
Firefox - Google Update
IE - everything