Velké využití CPU

Zpráva

Sichi · #1 Příspěvek od **Sichi** » 14 bře 2014 01:45

Dobrý den, můj problém spočívá v tom, že můj procesor pracuje skoro pořád na 80-100%. Sice je už trochu starší, ale myslím si, že při úplně banálních činnostech, jako je třeba prohlížení webu, je to docela dost. Co mám dělat?

Předem děkuji za pomoc.

#2 Příspěvek od **vyosek** » 14 bře 2014 02:06

Zdravim

A budeme vesit z kristalove koule nebo logru od kafe

Aspon log z RSIT nebo FRST mi dejte, nahore je takovej veeelkej oranzovej obdelnik...

Sichi · #3 Příspěvek od **Sichi** » 14 bře 2014 02:13

Omlouvám se, nevšiml jsem si

zde je log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Owner at 2014-03-14 02:15:18
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 48 GB (62%) free of 77 GB
Total RAM: 2047 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:15:25, on 14.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IObit\Advanced SystemCare 7\Asc.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Owner\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?f=1&a=syd72&cd ... 673505&ir=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkID=131658
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ValueApps Loader - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll
O3 - Toolbar: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\Empowering Technology\awtray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 7859 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC7_PerformanceMonitor.job
C:\WINDOWS\tasks\Driver Booster Scan.job
C:\WINDOWS\tasks\Driver Booster Update.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-306829412-3668169067-3135776419-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-306829412-3668169067-3135776419-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-306829412-3668169067-3135776419-1003.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-306829412-3668169067-3135776419-1003.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default

prefs.js - "keyword.URL" - "http://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p="

"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default\searchplugins\
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll [2013-12-13 1398080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-05 752448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346}]
ValueApps - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll [2013-12-22 127264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-10 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll [2013-12-13 1398080]
{10921475-03CE-4E04-90CE-E2E7EF20C814} - ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-05 752448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-08-22 295512]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-12-13 1383232]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-06-08 14565376]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-08-16 368640]
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-08-18 2460672]
"AdminWorks Tray"=C:\Acer\Empowering Technology\awtray.exe [2005-08-18 1304576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-08-22 39408]
"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-09 2285344]
"Facebook Update"=C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2014-02-08 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SkypeUpdate"=2
"RealNetworks Downloader Resolver Service"=2
"PnkBstrA"=2
"LiveUpdateSvc"=2
"JavaQuickStarterService"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"AWService"=2
"ATI Smart"=2
"Ati HotKey Poller"=2
"Application Updater"=2
"AdvancedSystemCareService7"=2
"AdobeFlashPlayerUpdateSvc"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-10-17 122880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\SindicateM2 - Kopie (6)\client.bin"="D:\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client"
"D:\QuadCoreM2\pack\core.bin"="D:\QuadCoreM2\pack\core.bin:*:Enabled:core"
"C:\Documents and Settings\Owner\Data aplikací\BitTorrent\BitTorrent.exe"="C:\Documents and Settings\Owner\Data aplikací\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2380\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2380\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2581\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2581\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2014-03-14 02:15:19 ----D---- C:\Program Files\trend micro
2014-03-14 02:15:18 ----D---- C:\rsit
2014-03-14 01:26:00 ----D---- C:\Program Files\Combined Community Codec Pack
2014-03-14 01:14:05 ----D---- C:\Program Files\ValueApps
2014-03-14 01:14:04 ----A---- C:\WINDOWS\system32\tmpresp.tmp
2014-03-14 01:12:03 ----D---- C:\Program Files\ATI
2014-03-14 01:11:08 ----D---- C:\AMD
2014-03-13 03:15:20 ----D---- C:\Program Files\Mozilla Firefox
2014-03-13 02:56:02 ----D---- C:\Documents and Settings\Owner\Data aplikací\Mozilla
2014-03-13 02:55:58 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-03-13 02:55:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-03-13 02:41:00 ----D---- C:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-02-26 19:37:27 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2014-02-25 22:14:27 ----A---- C:\WINDOWS\uninst.exe
2014-02-24 18:42:22 ----D---- C:\Program Files\Rockstar Games
2014-02-22 13:25:42 ----D---- C:\Program Files\Game Dev Tycoon v1.3.2

======List of files/folders modified in the last 1 month======

2014-03-14 02:15:19 ----RD---- C:\Program Files
2014-03-14 02:15:00 ----D---- C:\WINDOWS\Prefetch
2014-03-14 02:05:19 ----D---- C:\WINDOWS\temp
2014-03-14 02:05:18 ----SHD---- C:\System Volume Information
2014-03-14 02:05:18 ----D---- C:\WINDOWS\system32\Restore
2014-03-14 02:05:11 ----AD---- C:\WINDOWS
2014-03-14 02:04:50 ----D---- C:\Qoobox
2014-03-14 01:35:02 ----D---- C:\WINDOWS\system32\CatRoot2
2014-03-14 01:32:36 ----D---- C:\WINDOWS\system32\config
2014-03-14 01:28:14 ----AD---- C:\WINDOWS\system32
2014-03-14 01:28:14 ----A---- C:\WINDOWS\system32\eRLog.ini
2014-03-14 01:28:05 ----D---- C:\WINDOWS\system32\Lang
2014-03-14 01:26:26 ----D---- C:\WINDOWS\system32\wbem
2014-03-14 01:26:25 ----D---- C:\WINDOWS\Registration
2014-03-14 01:26:15 ----SHD---- C:\WINDOWS\Installer
2014-03-14 01:26:14 ----AD---- C:\WINDOWS\system32\drivers
2014-03-14 01:26:12 ----RSHD---- C:\WINDOWS\system32\dllcache
2014-03-14 01:26:06 ----D---- C:\Config.Msi
2014-03-14 01:25:57 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-03-14 01:15:37 ----HD---- C:\WINDOWS\inf
2014-03-14 01:12:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-03-14 00:12:27 ----D---- C:\Documents and Settings\Owner\Data aplikací\Skype
2014-03-13 00:36:52 ----D---- C:\Documents and Settings\Owner\Data aplikací\vlc
2014-03-12 11:04:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-04 17:20:43 ----D---- C:\Program Files\Opera
2014-03-01 20:47:25 ----D---- C:\Program Files\Steam
2014-02-26 19:26:15 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 m5287;m5287; C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 85888]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2014-01-31 320120]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-10-17 2642944]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-06-08 3160576]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-09-08 6144]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-06-27 234752]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz130;cpuz130; C:\WINDOWS\system32\drivers\cpuz130.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2004-06-07 5035]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-22 116648]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-22 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-13 118896]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S4 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
S4 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2013-12-13 807800]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-10-17 495616]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-10-16 593920]
S4 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\awServ.exe [2005-08-18 86528]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-08-22 194032]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-01-11 182696]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2014-01-17 76888]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 14 bře 2014 02:22

Vy jste tam spoustel dneska ComboFix co??

Sichi · #5 Příspěvek od **Sichi** » 14 bře 2014 02:25

No, už jsem s ním jednou pracoval, ale zapomněl jsem ho vymazat, tak jsem ho dneska jen smazal, ale nespouštěl.

#6 Příspěvek od **vyosek** » 14 bře 2014 02:26

Odinstalujte Advanced SystemCare a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Sichi · #7 Příspěvek od **Sichi** » 14 bře 2014 02:35

Za moment přidám druhý log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Owner on pá 14.03.2014 at 2:35:12,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] application updater
Successfully deleted: [Service] application updater

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchsettings
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1B2C4996-C50D-56D3-C853-546F85F4FDCE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{1B2C4996-C50D-56D3-C853-546F85F4FDCE}

~~~ Files

Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Data aplikací\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Data aplikací\search settings"
Successfully deleted: [Folder] "C:\Program Files\application updater"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\mypc backup"
Failed to delete: [Folder] "C:\Program Files\Common Files\spigot"
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"

~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Owner\Data aplikací\mozilla\firefox\profiles\4f1qi6qf.default\user.js

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pá 14.03.2014 at 2:39:13,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sichi · #8 Příspěvek od **Sichi** » 14 bře 2014 02:41

Druhý log.

# AdwCleaner v3.022 - Report created 14/03/2014 at 02:43:06
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - ACER-6212E367EE
# Running from : C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Program Files\BitLord 2
Folder Deleted : C:\Program Files\IObit Apps Toolbar
Folder Deleted : C:\Program Files\ValueApps
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\SearchProtect
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\BitLord
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\SearchYa
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\ValueApps
Folder Deleted : C:\Documents and Settings\Owner\Dokumenty\BitLord
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\WINDOWS\Tasks\Driver Booster Update.job

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4CA-4FFF-4C2E-800D-F346471D99BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\searchya
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default\prefs.js ]

-\\ Google Chrome v33.0.1750.146

[ File : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [5174 octets] - [14/03/2014 02:41:54]
AdwCleaner[S0].txt - [5189 octets] - [14/03/2014 02:43:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5249 octets] ##########

#9 Příspěvek od **vyosek** » 14 bře 2014 02:42

Supr, jdeme dale

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Sichi · #10 Příspěvek od **Sichi** » 14 bře 2014 02:53

Log zde:

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Owner on p 14.03.2014 at 2:49:42,23.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Owner\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14.3.2014 2:50:15 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-306829412-3668169067-3135776419-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\DOCUME~1\ALLUSE~1\DATAAP~1\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\search.sqlite deleted
C:\FOUND.000 deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ProductData deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Package Cache deleted
C:\WINDOWS\wininit.ini deleted
C:\prefs.js deleted
C:\WINDOWS\System32\tmpresp.tmp deleted
"C:\WINDOWS\Installer\7c6f45.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\Documents and Settings\All Users\Data aplikacˇ\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [22.08.2013 16:43]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\Documents and Settings\All Users\Data aplikacˇ\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14.08.2013 14:24]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12.10.2013 13:04]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com/ie"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\30E8FF2323343D445B5E0AF4D1960D1E deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{32FF8E03-4332-44D3-B5E5-A04F1D69D0E1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\30E8FF2323343D445B5E0AF4D1960D1E deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Owner\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=9 folders=5 1610977 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Owner\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on p 14.03.2014 at 2:57:12,57 ======================

#11 Příspěvek od **vyosek** » 14 bře 2014 03:03

Supr, poprosim nyni o log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Sichi · #12 Příspěvek od **Sichi** » 14 bře 2014 03:13

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Owner (administrator) on ACER-6212E367EE on 14-03-2014 03:15:05
Running from C:\Documents and Settings\Owner\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(acer Inc.) C:\Acer\Empowering Technology\eRecovery\Monitor.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Adobe Systems Incorporated) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-08-22] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [14565376 2005-06-08] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2004-11-02] (Cyberlink Corp.)
HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-18] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-18] (Microsoft Corporation)
HKLM\...\Run: [ntiMUI] - c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [45056 2005-05-11] ()
HKLM\...\Run: [MSPY2002] - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2004-08-18] ()
HKLM\...\Run: [LaunchApp] - Alaunch
HKLM\...\Run: [IMJPMIG8.1] - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2004-08-18] (Microsoft Corporation)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] - C:\WINDOWS\system32\HDAShCut.exe [61952 2005-01-07] (Windows (R) Server 2003 DDK provider)
HKLM\...\Run: [eRecoveryService] - C:\Acer\Empowering Technology\eRecovery\Monitor.exe [368640 2005-08-16] (acer Inc.)
HKLM\...\Run: [ADMTray.exe] - C:\Acer\Empowering Technology\admtray.exe [2460672 2005-08-18] (Avocent Inc.)
HKLM\...\Run: [AdminWorks Tray] - C:\Acer\Empowering Technology\awtray.exe [1304576 2005-08-18] (OSA Technologies, An Avocent Company)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-306829412-3668169067-3135776419-1003\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-08-22] (Google Inc.)
HKU\S-1-5-21-306829412-3668169067-3135776419-1003\...\Run: [Facebook Update] - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2014-02-08] (Facebook Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-13]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-22]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: SearchYa!
CHR DefaultSearchURL: http://www.google.com
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Adobe Acrobat) - c:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-22]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-22]
CHR Extension: (AdBlock) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-22]
CHR Extension: (Value apps) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon [2013-12-25]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-08-22]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-22]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-01-05]

========================== Services (Whitelisted) =================

S3 AppMgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
S4 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2007-10-16] ()
S4 AWService; C:\Acer\Empowering Technology\awServ.exe [86528 2005-08-18] (OSA Technologies Inc., An Avocent Company)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-11] (Oracle Corporation)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-01-17] ()
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider)
R2 int15.sys; C:\Acer\Empowering Technology\eRecovery\int15.sys [69632 2005-01-13] ()
R0 m5287; C:\WINDOWS\System32\drivers\m5287.sys [85888 2005-02-05] (ULi Electronics Inc.)
S3 NdisFilt; C:\WINDOWS\System32\Drivers\NdisFilt.sys [5035 2004-06-07] (OSA Technologies)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETMNT; C:\WINDOWS\System32\DRIVERS\NETMNT.sys [9600 2005-05-02] ()
R1 OsaFsLoc; C:\WINDOWS\system32\drivers\OsaFsLoc.sys [11978 2005-07-19] (OSA Technologies)
R2 osaio; C:\WINDOWS\system32\drivers\osaio.sys [7296 2005-06-30] (OSA Technologies, An Avocent Company)
R2 osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [4010 2005-01-14] (Windows (R) 2000 DDK provider)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-01-31] (Duplex Secure Ltd.)
R1 UBHelper; C:\WINDOWS\system32\Drivers\UBHelper.sys [13952 2004-12-17] ()
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [234752 2005-06-27] (Marvell)
S3 cpuz130; No ImagePath
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-14 03:15 - 2014-03-14 03:15 - 00017852 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-03-14 03:13 - 2014-03-14 03:15 - 00000000 ____D () C:\FRST
2014-03-14 03:13 - 2014-03-14 03:13 - 00029696 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\MSGBOX.EXE
2014-03-14 03:13 - 2014-03-14 03:13 - 00015327 _____ () C:\Documents and Settings\Owner\Plocha\LM.bat
2014-03-14 03:12 - 2014-03-14 03:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-03-14 03:11 - 2014-03-14 03:11 - 01145856 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-03-14 02:56 - 2014-03-14 02:49 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-03-14 02:50 - 2014-03-14 02:57 - 00007435 _____ () C:\zoek-results.log
2014-03-14 02:49 - 2014-03-14 02:54 - 00000000 ____D () C:\zoek_backup
2014-03-14 02:48 - 2014-03-14 02:48 - 01285120 _____ () C:\Documents and Settings\Owner\Plocha\zoek.exe
2014-03-14 02:45 - 2014-03-14 02:57 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-14 02:45 - 2014-03-14 02:57 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-14 02:45 - 2014-03-14 02:45 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-14 02:44 - 2014-03-14 02:56 - 00005334 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-14 02:41 - 2014-03-14 02:43 - 00000000 ____D () C:\AdwCleaner
2014-03-14 02:41 - 2014-03-14 02:41 - 01950720 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
2014-03-14 02:35 - 2014-03-14 02:35 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-14 02:34 - 2014-03-14 02:34 - 01037734 _____ (Thisisu) C:\Documents and Settings\Owner\Plocha\JRT.exe
2014-03-14 02:33 - 2014-03-14 02:33 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-03-14 02:15 - 2014-03-14 02:15 - 00000000 ____D () C:\rsit
2014-03-14 02:15 - 2014-03-14 02:15 - 00000000 ____D () C:\Program Files\trend micro
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Program Files\Combined Community Codec Pack
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Combined Community Codec Pack
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Catalyst Control Center
2014-03-14 01:12 - 2014-03-14 01:12 - 00000000 ____D () C:\Program Files\ATI
2014-03-14 01:11 - 2014-03-14 01:11 - 00000000 ____D () C:\AMD
2014-03-13 03:15 - 2014-03-13 03:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-13 03:01 - 2014-03-14 03:12 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Stažené soubory
2014-03-13 02:56 - 2014-03-13 02:56 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\Mozilla
2014-03-13 02:56 - 2014-03-13 02:56 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Mozilla
2014-03-13 02:55 - 2014-03-14 01:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-13 02:55 - 2014-03-13 02:55 - 24501312 _____ (Mozilla) C:\Documents and Settings\Owner\Dokumenty\Firefox Setup 27.0.exe
2014-03-13 02:55 - 2014-03-13 02:55 - 00000734 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2014-03-13 02:55 - 2014-03-13 02:55 - 00000728 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2014-03-13 02:55 - 2014-03-13 02:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-03-13 02:41 - 2014-03-14 01:35 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-03-13 02:35 - 2014-03-13 02:35 - 09357880 _____ (CCCP Project ) C:\Documents and Settings\Owner\Dokumenty\Combined-Community-Codec-Pack-2013-04-20.exe
2014-03-01 16:28 - 2014-03-01 16:28 - 00000874 _____ () C:\Documents and Settings\Owner\Plocha\San Andreas Multiplayer.lnk
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Documents and Settings\Owner\Nabídka Start\Programy\San Andreas Multiplayer
2014-03-01 16:27 - 2014-03-01 16:28 - 11990847 _____ () C:\Documents and Settings\Owner\Dokumenty\sa-mp-0.3z-R1-install.exe
2014-03-01 14:17 - 2014-03-05 23:19 - 00202752 _____ () C:\Documents and Settings\Owner\Plocha\GTASAsf1.b
2014-02-26 19:39 - 2014-02-26 19:39 - 01191753 _____ () C:\Documents and Settings\Owner\Dokumenty\gtasa120cz.zip
2014-02-26 19:38 - 2014-03-01 16:28 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\GTA San Andreas User Files
2014-02-26 19:37 - 2014-02-26 19:37 - 00098304 _____ (Sony DADC Austria AG.) C:\WINDOWS\system32\CmdLineExt.dll
2014-02-26 19:26 - 2014-02-26 19:26 - 00001591 _____ () C:\Documents and Settings\All Users\Plocha\GTA San Andreas.lnk
2014-02-25 22:14 - 2014-02-25 22:14 - 00000000 ____D () C:\Documents and Settings\Owner\WINDOWS
2014-02-25 22:14 - 1998-02-06 21:37 - 00299520 _____ (InstallShield Corporation, Inc.) C:\WINDOWS\uninst.exe
2014-02-24 19:21 - 2014-02-24 19:46 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Max Payne 2 Savegames
2014-02-24 19:20 - 2014-02-24 19:20 - 01486848 _____ (Remedy Entertainment) C:\Documents and Settings\Owner\Dokumenty\Max-Payne-2-crack-(alik).exe
2014-02-24 19:16 - 2014-02-26 19:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Rockstar Games
2014-02-24 18:54 - 2014-02-24 18:55 - 38542610 _____ () C:\Documents and Settings\Owner\Dokumenty\MaxPayne2CZ_komplet.exe
2014-02-24 18:52 - 2014-02-24 18:52 - 00001757 _____ () C:\Documents and Settings\Owner\Plocha\Max Payne 2.lnk
2014-02-24 18:42 - 2014-02-26 19:26 - 00000000 ____D () C:\Program Files\Rockstar Games
2014-02-22 13:28 - 2014-02-23 18:55 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\Game Dev Tycoon
2014-02-22 13:25 - 2014-02-22 13:25 - 00000633 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Game Dev Tycoon v1.3.2.lnk
2014-02-22 13:25 - 2014-02-22 13:25 - 00000627 _____ () C:\Documents and Settings\All Users\Plocha\Game Dev Tycoon v1.3.2.lnk
2014-02-22 13:25 - 2014-02-22 13:25 - 00000000 ____D () C:\Program Files\Game Dev Tycoon v1.3.2
2014-02-22 13:25 - 2013-04-29 23:19 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Game.Dev.Tycoon-ALiAS
2014-02-22 13:07 - 2014-02-22 13:20 - 115532320 _____ () C:\Documents and Settings\Owner\Dokumenty\Game.Dev.Tycoon-ALiAS.rar
2014-02-15 14:14 - 2014-02-15 14:20 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha\Flashka

==================== One Month Modified Files and Folders =======

2014-03-14 03:15 - 2014-03-14 03:15 - 00017852 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-03-14 03:15 - 2014-03-14 03:13 - 00000000 ____D () C:\FRST
2014-03-14 03:15 - 2013-10-03 15:34 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-14 03:15 - 2005-09-08 10:20 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha
2014-03-14 03:13 - 2014-03-14 03:13 - 00029696 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\MSGBOX.EXE
2014-03-14 03:13 - 2014-03-14 03:13 - 00015327 _____ () C:\Documents and Settings\Owner\Plocha\LM.bat
2014-03-14 03:13 - 2005-09-08 10:20 - 00000000 ___HD () C:\Documents and Settings\Owner\Local Settings\Data aplikací
2014-03-14 03:12 - 2014-03-14 03:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-03-14 03:12 - 2014-03-13 03:01 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Stažené soubory
2014-03-14 03:11 - 2014-03-14 03:11 - 01145856 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-03-14 02:57 - 2014-03-14 02:50 - 00007435 _____ () C:\zoek-results.log
2014-03-14 02:57 - 2014-03-14 02:45 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-14 02:57 - 2014-03-14 02:45 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-14 02:57 - 2013-12-24 12:39 - 00000270 _____ () C:\WINDOWS\Tasks\Driver Booster Scan.job
2014-03-14 02:57 - 2013-08-22 16:43 - 00000278 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-306829412-3668169067-3135776419-1003.job
2014-03-14 02:57 - 2013-08-22 16:42 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-14 02:57 - 2013-08-22 15:45 - 00000739 _____ () C:\WINDOWS\system32\eRLog.ini
2014-03-14 02:57 - 2005-09-08 10:55 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-03-14 02:57 - 2005-09-08 10:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-14 02:56 - 2014-03-14 02:44 - 00005334 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-14 02:56 - 2013-08-22 18:18 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-03-14 02:56 - 2005-09-08 10:20 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-03-14 02:56 - 2005-09-08 10:16 - 00358925 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-14 02:54 - 2014-03-14 02:49 - 00000000 ____D () C:\zoek_backup
2014-03-14 02:54 - 2005-09-08 10:13 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-03-14 02:52 - 2013-08-22 16:42 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-14 02:49 - 2014-03-14 02:56 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-03-14 02:48 - 2014-03-14 02:48 - 01285120 _____ () C:\Documents and Settings\Owner\Plocha\zoek.exe
2014-03-14 02:45 - 2014-03-14 02:45 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-14 02:43 - 2014-03-14 02:41 - 00000000 ____D () C:\AdwCleaner
2014-03-14 02:43 - 2005-09-08 10:20 - 00000000 __RHD () C:\Documents and Settings\Owner\Data aplikací
2014-03-14 02:41 - 2014-03-14 02:41 - 01950720 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
2014-03-14 02:35 - 2014-03-14 02:35 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-14 02:34 - 2014-03-14 02:34 - 01037734 _____ (Thisisu) C:\Documents and Settings\Owner\Plocha\JRT.exe
2014-03-14 02:34 - 2005-09-08 10:20 - 00000000 ___RD () C:\Documents and Settings\Owner\Nabídka Start
2014-03-14 02:34 - 2005-09-08 10:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-03-14 02:34 - 2005-09-08 10:13 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-03-14 02:33 - 2014-03-14 02:33 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-03-14 02:33 - 2013-08-22 21:51 - 00000000 ____D () C:\Program Files\IObit
2014-03-14 02:23 - 2014-02-08 20:18 - 00000992 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-306829412-3668169067-3135776419-1003UA.job
2014-03-14 02:15 - 2014-03-14 02:15 - 00000000 ____D () C:\rsit
2014-03-14 02:15 - 2014-03-14 02:15 - 00000000 ____D () C:\Program Files\trend micro
2014-03-14 02:05 - 2005-09-08 10:20 - 00000000 ____D () C:\Documents and Settings\Owner
2014-03-14 02:05 - 2005-09-08 10:15 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-03-14 02:04 - 2013-11-16 22:40 - 00000000 ____D () C:\Qoobox
2014-03-14 01:35 - 2014-03-13 02:41 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-03-14 01:32 - 2013-12-23 18:43 - 19988480 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-03-14 01:32 - 2013-12-23 18:43 - 00253952 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-03-14 01:32 - 2013-12-23 18:43 - 00053248 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-03-14 01:32 - 2013-12-23 18:43 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-03-14 01:32 - 2005-09-08 10:20 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-14 01:32 - 2005-09-08 10:20 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-14 01:27 - 2014-03-13 02:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Program Files\Combined Community Codec Pack
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Combined Community Codec Pack
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Catalyst Control Center
2014-03-14 01:26 - 2005-09-08 10:15 - 00000000 ____D () C:\WINDOWS\Registration
2014-03-14 01:12 - 2014-03-14 01:12 - 00000000 ____D () C:\Program Files\ATI
2014-03-14 01:11 - 2014-03-14 01:11 - 00000000 ____D () C:\AMD
2014-03-14 00:12 - 2013-08-22 21:02 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Skype
2014-03-13 20:23 - 2014-02-08 20:18 - 00000970 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-306829412-3668169067-3135776419-1003Core.job
2014-03-13 18:22 - 2013-08-22 16:43 - 00000286 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-306829412-3668169067-3135776419-1003.job
2014-03-13 03:20 - 2013-11-02 15:33 - 00000000 ___RD () C:\Documents and Settings\Owner\Plocha\Hudba
2014-03-13 03:15 - 2014-03-13 03:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-13 03:01 - 2005-09-08 10:20 - 00000000 ___RD () C:\Documents and Settings\Owner\Dokumenty
2014-03-13 02:56 - 2014-03-13 02:56 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\Mozilla
2014-03-13 02:56 - 2014-03-13 02:56 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Mozilla
2014-03-13 02:55 - 2014-03-13 02:55 - 24501312 _____ (Mozilla) C:\Documents and Settings\Owner\Dokumenty\Firefox Setup 27.0.exe
2014-03-13 02:55 - 2014-03-13 02:55 - 00000734 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2014-03-13 02:55 - 2014-03-13 02:55 - 00000728 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2014-03-13 02:55 - 2014-03-13 02:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-03-13 02:35 - 2014-03-13 02:35 - 09357880 _____ (CCCP Project ) C:\Documents and Settings\Owner\Dokumenty\Combined-Community-Codec-Pack-2013-04-20.exe
2014-03-13 00:36 - 2013-09-01 18:18 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\vlc
2014-03-12 17:54 - 2014-02-11 18:40 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2014-03-12 11:04 - 2013-10-03 15:34 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-12 11:04 - 2013-10-03 15:34 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-11 11:41 - 2013-10-23 22:46 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\POjuwqJUh85
2014-03-06 23:20 - 2013-11-02 15:33 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha\Obrázky
2014-03-05 23:19 - 2014-03-01 14:17 - 00202752 _____ () C:\Documents and Settings\Owner\Plocha\GTASAsf1.b
2014-03-04 18:04 - 2013-08-22 16:42 - 00001817 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-03-04 17:20 - 2013-10-03 15:30 - 00000000 ____D () C:\Program Files\Opera
2014-03-04 17:18 - 2005-09-08 10:09 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-02 14:24 - 2014-02-07 18:55 - 19881984 _____ () C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2014-03-02 14:24 - 2014-02-07 18:55 - 00253952 _____ () C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2014-03-02 14:24 - 2014-02-07 18:55 - 00053248 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2014-03-02 14:24 - 2014-02-07 18:55 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak
2014-03-01 20:47 - 2014-01-19 16:13 - 00000000 ____D () C:\Program Files\Steam
2014-03-01 20:47 - 2013-08-24 17:25 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\League of Legends
2014-03-01 16:28 - 2014-03-01 16:28 - 00000874 _____ () C:\Documents and Settings\Owner\Plocha\San Andreas Multiplayer.lnk
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Documents and Settings\Owner\Nabídka Start\Programy\San Andreas Multiplayer
2014-03-01 16:28 - 2014-03-01 16:27 - 11990847 _____ () C:\Documents and Settings\Owner\Dokumenty\sa-mp-0.3z-R1-install.exe
2014-03-01 16:28 - 2014-02-26 19:38 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\GTA San Andreas User Files
2014-03-01 16:28 - 2005-09-08 10:20 - 00000000 ___RD () C:\Documents and Settings\Owner\Nabídka Start\Programy
2014-02-26 19:39 - 2014-02-26 19:39 - 01191753 _____ () C:\Documents and Settings\Owner\Dokumenty\gtasa120cz.zip
2014-02-26 19:37 - 2014-02-26 19:37 - 00098304 _____ (Sony DADC Austria AG.) C:\WINDOWS\system32\CmdLineExt.dll
2014-02-26 19:26 - 2014-02-26 19:26 - 00001591 _____ () C:\Documents and Settings\All Users\Plocha\GTA San Andreas.lnk
2014-02-26 19:26 - 2014-02-24 19:16 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Rockstar Games
2014-02-26 19:26 - 2014-02-24 18:42 - 00000000 ____D () C:\Program Files\Rockstar Games
2014-02-26 19:26 - 2005-09-08 10:24 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-25 22:21 - 2005-09-08 10:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start
2014-02-25 22:14 - 2014-02-25 22:14 - 00000000 ____D () C:\Documents and Settings\Owner\WINDOWS
2014-02-24 19:46 - 2014-02-24 19:21 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Max Payne 2 Savegames
2014-02-24 19:20 - 2014-02-24 19:20 - 01486848 _____ (Remedy Entertainment) C:\Documents and Settings\Owner\Dokumenty\Max-Payne-2-crack-(alik).exe
2014-02-24 18:55 - 2014-02-24 18:54 - 38542610 _____ () C:\Documents and Settings\Owner\Dokumenty\MaxPayne2CZ_komplet.exe
2014-02-24 18:52 - 2014-02-24 18:52 - 00001757 _____ () C:\Documents and Settings\Owner\Plocha\Max Payne 2.lnk
2014-02-23 18:55 - 2014-02-22 13:28 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\Game Dev Tycoon
2014-02-22 13:25 - 2014-02-22 13:25 - 00000633 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Game Dev Tycoon v1.3.2.lnk
2014-02-22 13:25 - 2014-02-22 13:25 - 00000627 _____ () C:\Documents and Settings\All Users\Plocha\Game Dev Tycoon v1.3.2.lnk
2014-02-22 13:25 - 2014-02-22 13:25 - 00000000 ____D () C:\Program Files\Game Dev Tycoon v1.3.2
2014-02-22 13:20 - 2014-02-22 13:07 - 115532320 _____ () C:\Documents and Settings\Owner\Dokumenty\Game.Dev.Tycoon-ALiAS.rar
2014-02-15 14:20 - 2014-02-15 14:14 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha\Flashka
2014-02-15 14:14 - 2013-12-08 21:06 - 00011264 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2005-09-08 10:08] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2005-09-08 10:09] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2005-09-08 10:09] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2013-08-22 16:59] - [2008-04-14 07:52] - 0108544 ____A (Microsoft Corporation) f0d2ae69035092bf22dad6b50fab85c2

C:\WINDOWS\system32\User32.dll
[2005-09-08 10:09] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2013-08-22 16:59] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll
[2005-09-08 10:09] - [2008-04-14 07:51] - 0399360 ____A (Microsoft Corporation) c868f3ae15cf71a93f2aa3a32856d839

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2013-08-22 16:59] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1

==================== End Of Log ============================

Sichi · #13 Příspěvek od **Sichi** » 14 bře 2014 03:14

zde ještě Addition

#14 Příspěvek od **vyosek** » 14 bře 2014 03:16

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\WINDOWS\system32\rpcss.dll
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

Sichi · #15 Příspěvek od **Sichi** » 14 bře 2014 03:22

https://www.virustotal.com/cs/file/7f08 ... 394764017/

VIRY.CZ

Velké využití CPU

Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU

Re: Velké využití CPU