kontrola logu -RogueKiller

[frantkurina]

dobrý den-prosím o kontrolu logu z RogueKiller-děkuji-franta

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Uživatelský [Omezená práva]
Mód : Kontrola -- Datum : 03/05/2013 17:39:17
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HOSTS] HKLM\[...]\Parameters : DataBasePath () -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
127.0.0.1 http://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com
127.0.0.1 http://www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 http://www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 http://www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 http://www.100888290cs.com
127.0.0.1 http://www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

Dokončeno : << RKreport[1]_S_03052013_02d1739.txt >>
RKreport[1]_S_03052013_02d1739.txt

[vyosek]

Zdravim

Proc spoustite RK na uctu s omezenymi pravy?? To pak nema sanci byt 100% ucinny

[frantkurina]

spustím znovu jako admin a pošlu-franta

[frantkurina]

děkuji za upozornění-to je ale rozdíl-tady je nový log.

RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Franta [Práva správce]
Mód : Kontrola -- Datum : 03/05/2013 18:13:13
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[25] : NtClose @ 0x80567B6D -> HOOKED (Unknown @ 0xF7BD8CD4)
SSDT[37] : NtCreateFile @ 0x8056F8E4 -> HOOKED (\SystemRoot\system32\Drivers\fwdrv.sys @ 0xF5AEB62B)
SSDT[41] : NtCreateKey @ 0x805737EF -> HOOKED (TfSysMon.sys @ 0xF7456A1C)
SSDT[47] : NtCreateProcess @ 0x805B0242 -> HOOKED (\SystemRoot\system32\Drivers\fwdrv.sys @ 0xF5AEBC92)
SSDT[48] : NtCreateProcessEx @ 0x8058304C -> HOOKED (\SystemRoot\system32\Drivers\fwdrv.sys @ 0xF5AEBC17)
SSDT[50] : NtCreateSection @ 0x805653B3 -> HOOKED (Unknown @ 0xF7BD8CDE)
SSDT[53] : NtCreateThread @ 0x8057888D -> HOOKED (Unknown @ 0xF7BD8C84)
SSDT[63] : NtDeleteKey @ 0x80595A22 -> HOOKED (TfSysMon.sys @ 0xF7456C10)
SSDT[65] : NtDeleteValueKey @ 0x80593642 -> HOOKED (TfSysMon.sys @ 0xF7456CB6)
SSDT[68] : NtDuplicateObject @ 0x80574942 -> HOOKED (Unknown @ 0xF7BD8CCF)
SSDT[98] : NtLoadKey @ 0x805ADC1B -> HOOKED (Unknown @ 0xF7BD8CA2)
SSDT[119] : NtOpenKey @ 0x80568FE8 -> HOOKED (TfSysMon.sys @ 0xF745690C)
SSDT[122] : NtOpenProcess @ 0x80574B29 -> HOOKED (Unknown @ 0xF7BD8C70)
SSDT[128] : NtOpenThread @ 0x80590C64 -> HOOKED (Unknown @ 0xF7BD8C75)
SSDT[193] : NtReplaceKey @ 0x8064FF50 -> HOOKED (Unknown @ 0xF7BD8CAC)
SSDT[204] : NtRestoreKey @ 0x8064FAE5 -> HOOKED (Unknown @ 0xF7BD8CA7)
SSDT[213] : NtSetContextThread @ 0x8062E75B -> HOOKED (Unknown @ 0xF7BD8CE3)
SSDT[247] : NtSetValueKey @ 0x8057DA5B -> HOOKED (TfSysMon.sys @ 0xF7456E52)
SSDT[257] : NtTerminateProcess @ 0x805857B9 -> HOOKED (TfSysMon.sys @ 0xF7458B30)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF7BD8CE8)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF7BD8CED)

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD800BB-00FJA0 +++++
--- User ---
[MBR] 5d6f4ae04b5b7792231a2d5ede737249
[BSP] bc49191abe2ec9186fa73231910b5619 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 61443 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 125837145 | Size: 14872 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03052013_02d1813.txt >>
RKreport[1]_S_03052013_02d1813.txt

[vyosek]

Spustte znovu RogueKiller

• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
• Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

[frantkurina]

zde jsou-

RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Franta [Práva správce]
Mód : Odebrat -- Datum : 03/05/2013 18:29:01
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[25] : NtClose @ 0x80567B6D -> HOOKED (Unknown @ 0xF7BD8CD4)
SSDT[37] : NtCreateFile @ 0x8056F8E4 -> HOOKED (\SystemRoot\system32\Drivers\fwdrv.sys @ 0xF5AEB62B)
SSDT[41] : NtCreateKey @ 0x805737EF -> HOOKED (TfSysMon.sys @ 0xF7456A1C)
SSDT[47] : NtCreateProcess @ 0x805B0242 -> HOOKED (\SystemRoot\system32\Drivers\fwdrv.sys @ 0xF5AEBC92)
SSDT[48] : NtCreateProcessEx @ 0x8058304C -> HOOKED (\SystemRoot\system32\Drivers\fwdrv.sys @ 0xF5AEBC17)
SSDT[50] : NtCreateSection @ 0x805653B3 -> HOOKED (Unknown @ 0xF7BD8CDE)
SSDT[53] : NtCreateThread @ 0x8057888D -> HOOKED (Unknown @ 0xF7BD8C84)
SSDT[63] : NtDeleteKey @ 0x80595A22 -> HOOKED (TfSysMon.sys @ 0xF7456C10)
SSDT[65] : NtDeleteValueKey @ 0x80593642 -> HOOKED (TfSysMon.sys @ 0xF7456CB6)
SSDT[68] : NtDuplicateObject @ 0x80574942 -> HOOKED (Unknown @ 0xF7BD8CCF)
SSDT[98] : NtLoadKey @ 0x805ADC1B -> HOOKED (Unknown @ 0xF7BD8CA2)
SSDT[119] : NtOpenKey @ 0x80568FE8 -> HOOKED (TfSysMon.sys @ 0xF745690C)
SSDT[122] : NtOpenProcess @ 0x80574B29 -> HOOKED (Unknown @ 0xF7BD8C70)
SSDT[128] : NtOpenThread @ 0x80590C64 -> HOOKED (Unknown @ 0xF7BD8C75)
SSDT[193] : NtReplaceKey @ 0x8064FF50 -> HOOKED (Unknown @ 0xF7BD8CAC)
SSDT[204] : NtRestoreKey @ 0x8064FAE5 -> HOOKED (Unknown @ 0xF7BD8CA7)
SSDT[213] : NtSetContextThread @ 0x8062E75B -> HOOKED (Unknown @ 0xF7BD8CE3)
SSDT[247] : NtSetValueKey @ 0x8057DA5B -> HOOKED (TfSysMon.sys @ 0xF7456E52)
SSDT[257] : NtTerminateProcess @ 0x805857B9 -> HOOKED (TfSysMon.sys @ 0xF7458B30)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF7BD8CE8)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF7BD8CED)

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD800BB-00FJA0 +++++
--- User ---
[MBR] 5d6f4ae04b5b7792231a2d5ede737249
[BSP] bc49191abe2ec9186fa73231910b5619 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 61443 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 125837145 | Size: 14872 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_D_03052013_02d1829.txt >>
RKreport[1]_S_03052013_02d1813.txt ; RKreport[2]_S_03052013_02d1827.txt ; RKreport[3]_D_03052013_02d1829.txt



RogueKiller V8.5.0 [Feb 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Franta [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/05/2013 18:31:01
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_03052013_02d1831.txt >>
RKreport[1]_S_03052013_02d1813.txt ; RKreport[2]_S_03052013_02d1827.txt ; RKreport[3]_D_03052013_02d1829.txt ; RKreport[4]_H_03052013_02d1831.txt

[vyosek]

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbanr
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

[frantkurina]

zde je log


Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.06.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: FRANTA-DE2FB6E6 [administrator]

6.3.2013 17:32:38
mbar-log-2013-03-06 (17-32-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 24985
Time elapsed: 13 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

[vyosek]

Fajn, jeste poprosim o log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

[frantkurina]

zde je log z Rsit


Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-03-06 19:47:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 51 GB (83%) free of 61 GB
Total RAM: 767 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:48:36, on 6.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Uživatelský\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\RunOnce: [Z1] cmd /c "C:\Documents and Settings\Uživatelský\Plocha\mbar-1.01.0.1021\mbar\mbar.exe" /cleanup /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1708537768-1592454029-1801674531-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Uživatelský')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 5791 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-20 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-20 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-01 4112384]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-07-01 81920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-02-20 281768]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2012-07-13 384232]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Z1"=cmd /c C:\Documents and Settings\Uživatelský\Plocha\mbar-1.01.0.1021\mbar\mbar.exe /cleanup /s []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2013-03-05 549760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-03-06 19:47:50 ----D---- C:\Program Files\trend micro
2013-03-06 19:47:49 ----D---- C:\rsit
2013-03-06 17:39:05 ----D---- C:\Documents and Settings\Administrator.FRANTA-DE2FB6E6\Data aplikací\WinPatrol
2013-03-06 17:38:51 ----D---- C:\Program Files\BillP Studios
2013-03-06 17:38:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallMate
2013-03-06 17:18:45 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2013-03-05 19:22:52 ----D---- C:\Program Files\SUPERAntiSpyware
2013-03-05 19:22:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-03-02 12:28:35 ----N---- C:\WINDOWS\system32\drivers\FWDRV.SYS
2013-03-02 09:44:34 ----D---- C:\Program Files\Kerio
2013-03-01 18:06:19 ----D---- C:\Documents and Settings\Administrator.FRANTA-DE2FB6E6\Data aplikací\Adobe
2013-03-01 17:51:22 ----D---- C:\Documents and Settings\Administrator.FRANTA-DE2FB6E6\Data aplikací\TuneUp Software
2013-02-27 10:51:33 ----HD---- C:\WINDOWS\system32\GroupPolicy
2013-02-22 17:29:31 ----D---- C:\WINDOWS\system32\NtmsData
2013-02-20 10:57:21 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-02-20 10:56:01 ----D---- C:\Program Files\Common Files\PC Tools
2013-02-20 10:40:36 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2013-02-20 10:40:34 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2013-02-20 10:40:34 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2013-02-20 10:40:34 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2013-02-20 10:40:34 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2013-02-20 10:40:32 ----D---- C:\Program Files\Avira
2013-02-20 10:40:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2013-02-20 09:22:51 ----A---- C:\WINDOWS\system32\javaws.exe
2013-02-20 09:22:09 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-02-20 09:22:09 ----A---- C:\WINDOWS\system32\javaw.exe
2013-02-20 09:22:09 ----A---- C:\WINDOWS\system32\java.exe
2013-02-20 09:21:42 ----D---- C:\Program Files\Java
2013-02-20 09:08:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Tools
2013-02-20 09:08:17 ----D---- C:\Program Files\ThreatFire
2013-02-20 09:07:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2013-02-20 09:07:59 ----D---- C:\Program Files\Auslogics
2013-02-20 09:07:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-02-20 09:07:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-02-20 09:07:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2013-02-19 09:44:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-02-19 09:20:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2013-02-19 08:58:59 ----DC---- C:\WINDOWS\$NtUninstallKB2778344$
2013-02-19 08:58:34 ----DC---- C:\WINDOWS\$NtUninstallKB2799494$
2013-02-19 08:58:19 ----DC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-02-19 08:58:05 ----DC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-02-19 08:57:43 ----DC---- C:\WINDOWS\$NtUninstallKB2757638$
2013-02-19 08:53:54 ----A---- C:\WINDOWS\imsins.BAK
2013-02-18 16:47:41 ----A---- C:\WINDOWS\ntbtlog.txt
2013-02-14 17:01:23 ----A---- C:\WINDOWS\system32\drivers\sfi.dat
2013-02-14 16:40:15 ----A---- C:\WINDOWS\system32\drivers\TfSysMon.sys
2013-02-14 16:40:15 ----A---- C:\WINDOWS\system32\drivers\TfNetMon.sys
2013-02-14 16:40:15 ----A---- C:\WINDOWS\system32\drivers\TfFsMon.sys
2013-02-14 12:55:22 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2013-02-14 09:53:58 ----ASH---- C:\Documents and Settings\Administrator.FRANTA-DE2FB6E6\Data aplikací\desktop.ini
2013-02-14 09:53:57 ----SD---- C:\Documents and Settings\Administrator.FRANTA-DE2FB6E6\Data aplikací\Microsoft

======List of files/folders modified in the last 1 month======

2013-03-06 19:47:50 ----RD---- C:\Program Files
2013-03-06 19:33:19 ----D---- C:\WINDOWS\Temp
2013-03-06 19:32:51 ----D---- C:\WINDOWS\system32\CatRoot2
2013-03-06 17:44:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-03-06 17:32:46 ----D---- C:\WINDOWS\system32\drivers
2013-03-03 20:05:40 ----D---- C:\Program Files\Pale Moon
2013-03-03 20:01:12 ----D---- C:\Documents and Settings
2013-03-02 12:28:33 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-02 12:09:14 ----D---- C:\Program Files\SeaMonkey
2013-02-27 18:14:08 ----SHD---- C:\System Volume Information
2013-02-27 17:27:27 ----D---- C:\WINDOWS\Registration
2013-02-27 16:40:16 ----SHD---- C:\WINDOWS\Installer
2013-02-27 16:40:16 ----HD---- C:\Config.Msi
2013-02-27 16:40:16 ----A---- C:\WINDOWS\ODBC.INI
2013-02-27 11:39:12 ----SHD---- C:\RECYCLER
2013-02-27 11:23:43 ----D---- C:\WINDOWS\system32
2013-02-27 11:23:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-26 13:24:06 ----D---- C:\WINDOWS\system32\config
2013-02-24 18:01:59 ----D---- C:\Portable programy
2013-02-23 17:14:18 ----A---- C:\WINDOWS\win.ini
2013-02-22 20:01:11 ----D---- C:\WINDOWS
2013-02-22 19:57:35 ----HD---- C:\WINDOWS\inf
2013-02-22 17:29:29 ----D---- C:\WINDOWS\repair
2013-02-20 10:57:10 ----D---- C:\WINDOWS\system32\CatRoot
2013-02-20 10:56:01 ----D---- C:\Program Files\Common Files
2013-02-20 10:38:33 ----D---- C:\WINDOWS\WinSxS
2013-02-20 09:21:48 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-02-20 09:21:48 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-02-20 09:10:24 ----D---- C:\WINDOWS\system32\wbem
2013-02-20 09:07:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-02-20 09:07:21 ----D---- C:\Program Files\Internet Explorer
2013-02-20 08:45:29 ----SD---- C:\WINDOWS\Tasks
2013-02-19 10:36:42 ----D---- C:\Program Files\Ashampoo
2013-02-19 09:49:38 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-02-19 08:59:40 ----D---- C:\WINDOWS\ie8updates
2013-02-19 08:59:36 ----HD---- C:\WINDOWS\$hf_mig$
2013-02-19 08:46:54 ----D---- C:\WINDOWS\SoftwareDistribution
2013-02-18 17:14:20 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-17 16:41:32 ----D---- C:\WINDOWS\twain_32
2013-02-14 12:10:25 ----SH---- C:\boot.ini
2013-02-14 11:48:25 ----A---- C:\WINDOWS\wininit.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 TfFsMon;TfFsMon; C:\WINDOWS\system32\drivers\TfFsMon.sys [2010-01-14 51984]
R0 TfSysMon;TfSysMon; C:\WINDOWS\system32\drivers\TfSysMon.sys [2010-01-14 59664]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-02-20 138192]
R1 fwdrv;Kerio Personal Firewall Driver; C:\WINDOWS\system32\Drivers\fwdrv.sys [2002-04-15 102912]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-02-20 66616]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-07-24 403968]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-07-24 461312]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-07-01 2459840]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []
S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-03-05 116608]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-02-20 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-02-20 136360]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-02-20 170912]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-01 114755]
R2 PersFw;Kerio Personal Firewall; C:\Program Files\Kerio\Personal Firewall\persfw.exe [2002-04-29 393216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 251248]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ThreatFire;ThreatFire; C:\Program Files\ThreatFire\TFService.exe [2010-01-14 70928]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2013-01-13 306432]

-----------------EOF-----------------

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[frantkurina]

děkuji mnohokrát za pomoc,Pc pracuje,ale chtěl bych se zeptat,jaký firewall a antivir ve free verzi by jste mi doporučil na tento starší PC -CPU2,53GHz cerelon + ram 768 +VGA GALAXY GF FX 5200 128MB DDR
díky franta

[vyosek]

Z free antiviru bud MSE, Aviru ci Avast...Firewall bych tam asi necpal z duvodu male RAM

Jinak nemate zac, rad jsem pomohl