Nečekaně několikrát modrá smrt

[Slick-ace]

Dobrý den, v NTB mi několikrát nečekaně spadnul systém. Nestihl jsem bohužel opsat problém z modré obrazovky, složka Minidump je prázdná. Nevíte v čem je problém? Děkuji za pomoc.

Kód: Vybrat vše

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2014-03-15 16:58:52
Microsoft Windows XP Home Edition Service Pack 3
System drive E: has 6 GB (19%) free of 30 GB
Total RAM: 1919 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:59:11, on 15.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21371)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\AVAST Software\Avast\AvastSvc.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Java\jre7\bin\jqs.exe
E:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\Program Files\CyberLink\Shared Files\RichVideo.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\ATK0100\HControl.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\sm56hlpr.exe
E:\WINDOWS\ATK0100\ATKOSD.exe
E:\Program Files\Wireless Console 2\wcourier.exe
E:\Program Files\Atheros\ACU.exe
E:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\ASUS\WLAN Card Utilities\Center.exe
E:\WINDOWS\system32\ASUSTPE.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\DAEMON Tools Lite\DTLite.exe
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
E:\instal\totalcmd\TOTALCMD.EXE
E:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\instal\RSIT.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\Program Files\HijackThis\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=ST9160821AS_5MA44GCSXXXX5MA44GCS&ts=1377336172
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=ST9160821AS_5MA44GCSXXXX5MA44GCS&ts=1377336172
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 88.208.121.58 grower.cz
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HControl] E:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] E:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [Wireless Console 2] E:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ACU] "E:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "E:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Control Center] E:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKCU\..\Run: [ASUSTPE] E:\WINDOWS\system32\ASUSTPE.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Seagate NA4ME34E Product Registration.lnk = ?
O4 - Global Startup: WDSmartWare.lnk.disabled
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363515334145
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: Atheros Configuration Service (ACS) - Atheros - E:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - Unknown owner - E:\Program Files\Comodo\Firewall\cmdagent.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - E:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\instal\SkypePortable\App\Skype\Updater\Updater.exe

--
End of file - 10647 bytes

======Scheduled tasks folder======

E:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\Program Files\Java\jre7\bin\ssv.dll [2014-01-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=E:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"RemoteControl"=E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=E:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"SMSERIAL"=E:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]
"Wireless Console 2"=E:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"ACU"=E:\Program Files\Atheros\ACU.exe [2006-11-17 348249]
"Adobe ARM"=E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BCSSync"=E:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AvastUI.exe"=E:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-07 3767096]
"SunJavaUpdateSched"=E:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Control Center"=E:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-11-10 1725440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUSTPE"=E:\WINDOWS\system32\ASUSTPE.exe [2006-10-14 69632]
"SpybotSD TeaTimer"=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=E:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"PC Suite Tray"=E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
WDSmartWare.lnk.disabled - E:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

E:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění
Seagate NA4ME34E Product Registration.lnk - E:\Documents and Settings\Owner\Data aplikací\Leadertech\PowerRegister\Seagate NA4ME34E Product Registration.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2007-02-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"F:\games\CS 1.6\hl.exe"="F:\games\CS 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\WINDOWS\system32\dpvsetup.exe"="E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"E:\instal\totalcmd\TOTALCMD.EXE"="E:\instal\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"E:\Program Files\CesarFTP\Server.exe"="E:\Program Files\CesarFTP\Server.exe:*:Enabled:Server"
"F:\games\CS 1.6\cstrike.exe"="F:\games\CS 1.6\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"E:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="E:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\SkypePortable\App\Skype\Phone\Skype.exe"="C:\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype "
"E:\instal\JDownloader v0.9581\JDownloader.exe"="E:\instal\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"H:\E\instal\JDownloader v0.9581\JDownloader.exe"="H:\E\instal\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"E:\instal\JDownloader_v0.9581\JDownloader v0.9581\JDownloader.exe"="E:\instal\JDownloader_v0.9581\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"E:\instal\SkypePortable\App\Skype\Phone\Skype.exe"="E:\instal\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype "
"E:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\WINDOWS\KMSEmulator.exe"="E:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"
"E:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="E:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"F:\games\SF III\SFC3.exe"="F:\games\SF III\SFC3.exe:*:Enabled:Starfleet Command III - TNG"
"H:\dokumenty\IRC\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe"="H:\dokumenty\IRC\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe:*:Enabled:X-Chat IRC Client"
"E:\instal\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe"="E:\instal\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe:*:Enabled:X-Chat IRC Client"
"F:\games\CS 1.6\cstrike\hltv.exe"="F:\games\CS 1.6\cstrike\hltv.exe:*:Enabled:HLTV Launcher"
"F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cc0873a-2254-11e0-ab42-001d60078c14}]
shell\AutoRun\command - "I:\WD SmartWare.exe" autoplay=true


======List of files/folders created in the last 1 months======

2014-03-15 11:12:40 ----A---- E:\WINDOWS\system32\CmdLineExt.dll
2014-03-15 11:10:16 ----A---- E:\WINDOWS\system32\xactengine2_5.dll
2014-03-15 11:10:16 ----A---- E:\WINDOWS\system32\d3dx9_32.dll
2014-03-15 11:10:15 ----A---- E:\WINDOWS\system32\xactengine2_4.dll
2014-03-15 11:10:15 ----A---- E:\WINDOWS\system32\x3daudio1_1.dll
2014-03-15 11:10:14 ----A---- E:\WINDOWS\system32\xinput1_2.dll
2014-03-15 11:10:14 ----A---- E:\WINDOWS\system32\xactengine2_3.dll
2014-03-15 11:10:13 ----A---- E:\WINDOWS\system32\xactengine2_2.dll
2014-03-15 11:10:12 ----A---- E:\WINDOWS\system32\xinput1_1.dll
2014-03-15 11:10:12 ----A---- E:\WINDOWS\system32\xactengine2_1.dll
2014-03-15 11:09:58 ----A---- E:\WINDOWS\system32\xactengine2_0.dll
2014-03-15 11:09:57 ----A---- E:\WINDOWS\system32\x3daudio1_0.dll
2014-03-15 11:09:57 ----A---- E:\WINDOWS\system32\d3dx9_29.dll
2014-03-15 11:09:55 ----A---- E:\WINDOWS\system32\xinput9_1_0.dll
2014-03-15 11:09:55 ----A---- E:\WINDOWS\system32\d3dx9_27.dll
2014-03-15 11:09:54 ----A---- E:\WINDOWS\system32\d3dx9_26.dll
2014-03-15 11:09:53 ----A---- E:\WINDOWS\system32\d3dx9_25.dll
2014-03-15 11:09:51 ----A---- E:\WINDOWS\system32\d3dx9_24.dll

======List of files/folders modified in the last 1 months======

2014-03-15 16:58:55 ----D---- E:\Program Files\HijackThis
2014-03-15 16:58:54 ----D---- E:\WINDOWS\Prefetch
2014-03-15 16:53:40 ----D---- E:\WINDOWS\Temp
2014-03-15 16:53:29 ----A---- E:\WINDOWS\wincmd.ini
2014-03-15 16:52:52 ----D---- E:\WINDOWS\system32\ias
2014-03-15 16:52:46 ----A---- E:\ASWL2K.ini
2014-03-15 16:48:24 ----A---- E:\WINDOWS\SchedLgU.Txt
2014-03-15 16:47:55 ----D---- E:\WINDOWS
2014-03-15 12:51:52 ----D---- E:\WINDOWS\system32
2014-03-15 12:51:52 ----A---- E:\WINDOWS\wininit.ini
2014-03-15 12:51:49 ----RD---- E:\Program Files
2014-03-15 12:51:40 ----D---- E:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
2014-03-15 12:27:02 ----D---- E:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-03-15 12:26:30 ----D---- E:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-03-15 12:24:23 ----D---- E:\WINDOWS\Debug
2014-03-15 12:22:09 ----D---- E:\Program Files\CCleaner
2014-03-15 11:16:38 ----HD---- E:\Program Files\InstallShield Installation Information
2014-03-15 11:16:34 ----SHD---- E:\WINDOWS\Installer
2014-03-15 11:16:33 ----D---- E:\Config.Msi
2014-03-15 11:10:19 ----D---- E:\WINDOWS\system32\DirectX
2014-03-15 11:10:17 ----HD---- E:\WINDOWS\inf
2014-03-15 11:10:11 ----RSD---- E:\WINDOWS\assembly
2014-03-15 11:10:01 ----D---- E:\WINDOWS\Microsoft.NET
2014-03-15 11:09:51 ----D---- E:\WINDOWS\system32\CatRoot2
2014-03-14 23:39:05 ----D---- E:\Program Files\Microsoft Silverlight
2014-03-14 23:19:19 ----RSHDC---- E:\WINDOWS\system32\dllcache
2014-03-14 23:19:08 ----D---- E:\Program Files\Internet Explorer
2014-03-14 23:18:27 ----D---- E:\WINDOWS\system32\cs-cz
2014-03-14 23:17:38 ----D---- E:\WINDOWS\ie7updates
2014-02-25 20:16:44 ----SD---- E:\WINDOWS\Tasks
2014-02-25 20:16:36 ----A---- E:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-25 20:12:30 ----D---- E:\Program Files\Mozilla Maintenance Service
2014-02-25 20:08:52 ----D---- E:\Program Files\SearchNewTab
2014-02-23 21:27:56 ----D---- E:\instal
2014-02-22 15:46:00 ----A---- E:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; \??\E:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\E:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\E:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\E:\WINDOWS\system32\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-01-25 218688]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; E:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-09-17 20747]
R2 aswMonFlt;aswMonFlt; \??\E:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\E:\WINDOWS\system32\ASNDIS5.SYS []
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; E:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-02 1975296]
R3 BCM43XX;Ovladač síťového adaptéru ASUS 802.11; E:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 CmBatt;Microsoft AC Adapter Driver; E:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 MODEMCSA;Unimodem Streaming Filter Device; E:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; E:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; E:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 smserial;smserial; E:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; E:\WINDOWS\System32\Drivers\SynMini.sys [2006-08-09 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image; E:\WINDOWS\System32\Drivers\SynScan.sys [2006-08-09 7808]
R3 tosporte;Bluetooth Port Driver from Toshiba; E:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Ovladač standardního rozbočovače USB; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 CmdMon;Comodo Application Engine; E:\WINDOWS\System32\DRIVERS\cmdmon.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 catchme;catchme; \??\E:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; E:\WINDOWS\System32\Drivers\dtscsi.sys [2007-09-14 223128]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\download\everest\EVEREST Ultimate.Edition.5.30.1964\everestultimate_build_1964_p2djkdk8ytx\kerneld.wnt []
S3 k750bus;Sony Ericsson 750 driver (WDM); E:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; E:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; E:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; E:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\E:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; E:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 RTSTOR;USB Mass Stroage Device; E:\WINDOWS\system32\drivers\RTSTOR.SYS []
S3 Ser2pl;CA-422 Serial port driver; E:\WINDOWS\system32\DRIVERS\ser2pl.sys [2005-03-19 43264]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; E:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; E:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; E:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; E:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 Tosrfusb;Bluetooth USB Controller; E:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 WDC_SAM;WD SCSI Pass Thru driver; E:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSIMD;wsimd Service; E:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 54432]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2007-02-02 446464]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-07 50344]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre7\bin\jqs.exe [2014-01-19 182696]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; E:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); E:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 ACS;Atheros Configuration Service; E:\WINDOWS\system32\acs.exe [2006-11-17 360533]
S2 CmdAgent;Comodo Application Agent; E:\Program Files\Comodo\Firewall\cmdagent.exe []
S2 SkypeUpdate;Skype Updater; E:\instal\SkypePortable\App\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; E:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-14 118896]
S3 NBService;NBService; E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-26 779824]
S3 NMIndexingService;NMIndexingService; E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
S3 ose;Office  Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Zdravím!
Zkusíme NB vyčistit, nicméně se domnívám, že na vámi popisovanou závadu to nebude mít vliv. Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

NB se nepřehřívá?

[Slick-ace]

Díky. Přehřívání jsem nezaznamenal, větráček byl v době událostí po čištění od prachu a potichu, čistím ho pravidleně. Teploty z everestu: CPU: 49°C, HDD 51°C.

Zde je log:

Kód: Vybrat vše

# AdwCleaner v3.022 - Report created 15/03/2014 at 17:52:43
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - MU-85E3362A2036
# Running from : E:\Documents and Settings\Owner\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : E:\Documents and Settings\All Users\Data aplikací\QuickSet
Folder Deleted : E:\Documents and Settings\All Users\Data aplikací\Tarma Installer
[!] Folder Deleted : E:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
Folder Deleted : E:\Documents and Settings\All Users\Data aplikací\BrowSoe2asaaveey
Folder Deleted : E:\Documents and Settings\All Users\Data aplikací\surf and KKEep
[!] Folder Deleted : E:\Documents and Settings\All Users\Data aplikací\YoutubeAdblocker
Folder Deleted : E:\Program Files\icqtoolbar
Folder Deleted : E:\Program Files\Minibar
Folder Deleted : E:\Documents and Settings\Owner\Local Settings\Data aplikací\Minibar
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\SkypEmoticons
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\Systweak
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\Web Cake
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\WinZipper
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\ee4b5d4m.default\Extensions\staged
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\ee4b5d4m.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\m5kplfhl.default-1377473544669\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\ee4b5d4m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
Folder Deleted : E:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\m5kplfhl.default-1377473544669\Extensions\eyai@yutqu.com
File Deleted : E:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\ee4b5d4m.default\user.js

***** [ Shortcuts ] *****

Shortcut Disinfected : E:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
Shortcut Disinfected : E:\Documents and Settings\Owner\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab
Key Deleted : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab.1.0
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{53290D38-BDA7-9B8F-6DAE-44C447785F06}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\LiveSupport
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\Minibar
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\LiveSupport_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SkypEmoticons_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\winzipper

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21371

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : E:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\ee4b5d4m.default\prefs.js ]

Line Deleted : user_pref("extensions.5161c7bdbed93.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.location.hostname)>-1) return;}c[...]
Line Deleted : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "b73aa2c9-ccc2-48af-a0b2-020502496fa9");

[ File : E:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\m5kplfhl.default-1377473544669\prefs.js ]


[ File : E:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qetrwxgm.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [12174 octets] - [15/03/2014 17:51:32]
AdwCleaner[S0].txt - [9195 octets] - [15/03/2014 17:52:43]

########## EOF - E:\AdwCleaner\AdwCleaner[S0].txt - [9255 octets] ##########

[Rudy]

Dejte nový log RSIT.

[Slick-ace]

Kód: Vybrat vše

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2014-03-15 18:37:58
Microsoft Windows XP Home Edition Service Pack 3
System drive E: has 6 GB (19%) free of 30 GB
Total RAM: 1919 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:14, on 15.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21371)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\AVAST Software\Avast\AvastSvc.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Java\jre7\bin\jqs.exe
E:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\Program Files\CyberLink\Shared Files\RichVideo.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\ATK0100\HControl.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\sm56hlpr.exe
E:\Program Files\Wireless Console 2\wcourier.exe
E:\Program Files\Atheros\ACU.exe
E:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\ASUS\WLAN Card Utilities\Center.exe
E:\WINDOWS\system32\ASUSTPE.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\DAEMON Tools Lite\DTLite.exe
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
E:\WINDOWS\ATK0100\ATKOSD.exe
E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
E:\WINDOWS\System32\alg.exe
E:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\instal\totalcmd\TOTALCMD.EXE
E:\download\everest\EVEREST Ultimate.Edition.5.30.1964\everestultimate_build_1964_p2djkdk8ytx\everest.exe
E:\Program Files\Mozilla Firefox\plugin-container.exe
E:\instal\RSIT.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\Program Files\HijackThis\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: 88.208.121.58 grower.cz
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HControl] E:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] E:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [Wireless Console 2] E:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ACU] "E:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "E:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Control Center] E:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKCU\..\Run: [ASUSTPE] E:\WINDOWS\system32\ASUSTPE.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Seagate NA4ME34E Product Registration.lnk = ?
O4 - Global Startup: WDSmartWare.lnk.disabled
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363515334145
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: Atheros Configuration Service (ACS) - Atheros - E:\WINDOWS\system32\acs.exe
O23 - Service: ASWLSVC - Unknown owner - E:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - Unknown owner - E:\Program Files\Comodo\Firewall\cmdagent.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - E:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\instal\SkypePortable\App\Skype\Updater\Updater.exe

--
End of file - 10336 bytes

======Scheduled tasks folder======

E:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\Program Files\Java\jre7\bin\ssv.dll [2014-01-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=E:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"RemoteControl"=E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=E:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"SMSERIAL"=E:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]
"Wireless Console 2"=E:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"ACU"=E:\Program Files\Atheros\ACU.exe [2006-11-17 348249]
"Adobe ARM"=E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BCSSync"=E:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AvastUI.exe"=E:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-07 3767096]
"SunJavaUpdateSched"=E:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Control Center"=E:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-11-10 1725440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUSTPE"=E:\WINDOWS\system32\ASUSTPE.exe [2006-10-14 69632]
"SpybotSD TeaTimer"=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=E:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"PC Suite Tray"=E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
WDSmartWare.lnk.disabled - E:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

E:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění
Seagate NA4ME34E Product Registration.lnk - E:\Documents and Settings\Owner\Data aplikací\Leadertech\PowerRegister\Seagate NA4ME34E Product Registration.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2007-02-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"F:\games\CS 1.6\hl.exe"="F:\games\CS 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\WINDOWS\system32\dpvsetup.exe"="E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"E:\instal\totalcmd\TOTALCMD.EXE"="E:\instal\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"E:\Program Files\CesarFTP\Server.exe"="E:\Program Files\CesarFTP\Server.exe:*:Enabled:Server"
"F:\games\CS 1.6\cstrike.exe"="F:\games\CS 1.6\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"E:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="E:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\SkypePortable\App\Skype\Phone\Skype.exe"="C:\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype "
"E:\instal\JDownloader v0.9581\JDownloader.exe"="E:\instal\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"H:\E\instal\JDownloader v0.9581\JDownloader.exe"="H:\E\instal\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"E:\instal\JDownloader_v0.9581\JDownloader v0.9581\JDownloader.exe"="E:\instal\JDownloader_v0.9581\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"E:\instal\SkypePortable\App\Skype\Phone\Skype.exe"="E:\instal\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype "
"E:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\WINDOWS\KMSEmulator.exe"="E:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"
"E:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="E:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"F:\games\SF III\SFC3.exe"="F:\games\SF III\SFC3.exe:*:Enabled:Starfleet Command III - TNG"
"H:\dokumenty\IRC\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe"="H:\dokumenty\IRC\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe:*:Enabled:X-Chat IRC Client"
"E:\instal\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe"="E:\instal\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe:*:Enabled:X-Chat IRC Client"
"F:\games\CS 1.6\cstrike\hltv.exe"="F:\games\CS 1.6\cstrike\hltv.exe:*:Enabled:HLTV Launcher"
"F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cc0873a-2254-11e0-ab42-001d60078c14}]
shell\AutoRun\command - "I:\WD SmartWare.exe" autoplay=true


======List of files/folders created in the last 1 months======

2014-03-15 17:51:23 ----D---- E:\AdwCleaner
2014-03-15 11:12:40 ----A---- E:\WINDOWS\system32\CmdLineExt.dll
2014-03-15 11:10:16 ----A---- E:\WINDOWS\system32\xactengine2_5.dll
2014-03-15 11:10:16 ----A---- E:\WINDOWS\system32\d3dx9_32.dll
2014-03-15 11:10:15 ----A---- E:\WINDOWS\system32\xactengine2_4.dll
2014-03-15 11:10:15 ----A---- E:\WINDOWS\system32\x3daudio1_1.dll
2014-03-15 11:10:14 ----A---- E:\WINDOWS\system32\xinput1_2.dll
2014-03-15 11:10:14 ----A---- E:\WINDOWS\system32\xactengine2_3.dll
2014-03-15 11:10:13 ----A---- E:\WINDOWS\system32\xactengine2_2.dll
2014-03-15 11:10:12 ----A---- E:\WINDOWS\system32\xinput1_1.dll
2014-03-15 11:10:12 ----A---- E:\WINDOWS\system32\xactengine2_1.dll
2014-03-15 11:09:58 ----A---- E:\WINDOWS\system32\xactengine2_0.dll
2014-03-15 11:09:57 ----A---- E:\WINDOWS\system32\x3daudio1_0.dll
2014-03-15 11:09:57 ----A---- E:\WINDOWS\system32\d3dx9_29.dll
2014-03-15 11:09:55 ----A---- E:\WINDOWS\system32\xinput9_1_0.dll
2014-03-15 11:09:55 ----A---- E:\WINDOWS\system32\d3dx9_27.dll
2014-03-15 11:09:54 ----A---- E:\WINDOWS\system32\d3dx9_26.dll
2014-03-15 11:09:53 ----A---- E:\WINDOWS\system32\d3dx9_25.dll
2014-03-15 11:09:51 ----A---- E:\WINDOWS\system32\d3dx9_24.dll

======List of files/folders modified in the last 1 months======

2014-03-15 18:38:01 ----D---- E:\Program Files\HijackThis
2014-03-15 17:59:28 ----A---- E:\WINDOWS\wincmd.ini
2014-03-15 17:56:30 ----D---- E:\WINDOWS\Prefetch
2014-03-15 17:56:01 ----D---- E:\WINDOWS\Temp
2014-03-15 17:55:59 ----D---- E:\WINDOWS\system32\ias
2014-03-15 17:55:52 ----A---- E:\ASWL2K.ini
2014-03-15 17:53:12 ----A---- E:\WINDOWS\SchedLgU.Txt
2014-03-15 17:52:45 ----RD---- E:\Program Files
2014-03-15 16:47:55 ----D---- E:\WINDOWS
2014-03-15 12:51:52 ----D---- E:\WINDOWS\system32
2014-03-15 12:51:52 ----A---- E:\WINDOWS\wininit.ini
2014-03-15 12:27:02 ----D---- E:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-03-15 12:26:30 ----D---- E:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-03-15 12:24:23 ----D---- E:\WINDOWS\Debug
2014-03-15 12:22:09 ----D---- E:\Program Files\CCleaner
2014-03-15 11:16:38 ----HD---- E:\Program Files\InstallShield Installation Information
2014-03-15 11:16:34 ----SHD---- E:\WINDOWS\Installer
2014-03-15 11:16:33 ----D---- E:\Config.Msi
2014-03-15 11:10:19 ----D---- E:\WINDOWS\system32\DirectX
2014-03-15 11:10:17 ----HD---- E:\WINDOWS\inf
2014-03-15 11:10:11 ----RSD---- E:\WINDOWS\assembly
2014-03-15 11:10:01 ----D---- E:\WINDOWS\Microsoft.NET
2014-03-15 11:09:51 ----D---- E:\WINDOWS\system32\CatRoot2
2014-03-14 23:39:05 ----D---- E:\Program Files\Microsoft Silverlight
2014-03-14 23:19:19 ----RSHDC---- E:\WINDOWS\system32\dllcache
2014-03-14 23:19:08 ----D---- E:\Program Files\Internet Explorer
2014-03-14 23:18:27 ----D---- E:\WINDOWS\system32\cs-cz
2014-03-14 23:17:38 ----D---- E:\WINDOWS\ie7updates
2014-02-25 20:16:44 ----SD---- E:\WINDOWS\Tasks
2014-02-25 20:16:36 ----A---- E:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-25 20:12:30 ----D---- E:\Program Files\Mozilla Maintenance Service
2014-02-25 20:08:52 ----D---- E:\Program Files\SearchNewTab
2014-02-23 21:27:56 ----D---- E:\instal
2014-02-22 15:46:00 ----A---- E:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; \??\E:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\E:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\E:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\E:\WINDOWS\system32\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-01-25 218688]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; E:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-09-17 20747]
R2 aswMonFlt;aswMonFlt; \??\E:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\E:\WINDOWS\system32\ASNDIS5.SYS []
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; E:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-02 1975296]
R3 BCM43XX;Ovladač síťového adaptéru ASUS 802.11; E:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 CmBatt;Microsoft AC Adapter Driver; E:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\E:\download\everest\EVEREST Ultimate.Edition.5.30.1964\everestultimate_build_1964_p2djkdk8ytx\kerneld.wnt []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 MODEMCSA;Unimodem Streaming Filter Device; E:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; E:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; E:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 smserial;smserial; E:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; E:\WINDOWS\System32\Drivers\SynMini.sys [2006-08-09 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image; E:\WINDOWS\System32\Drivers\SynScan.sys [2006-08-09 7808]
R3 tosporte;Bluetooth Port Driver from Toshiba; E:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Ovladač standardního rozbočovače USB; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 CmdMon;Comodo Application Engine; E:\WINDOWS\System32\DRIVERS\cmdmon.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 catchme;catchme; \??\E:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; E:\WINDOWS\System32\Drivers\dtscsi.sys [2007-09-14 223128]
S3 k750bus;Sony Ericsson 750 driver (WDM); E:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; E:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; E:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; E:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\E:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; E:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 RTSTOR;USB Mass Stroage Device; E:\WINDOWS\system32\drivers\RTSTOR.SYS []
S3 Ser2pl;CA-422 Serial port driver; E:\WINDOWS\system32\DRIVERS\ser2pl.sys [2005-03-19 43264]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; E:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; E:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; E:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; E:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 Tosrfusb;Bluetooth USB Controller; E:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 WDC_SAM;WD SCSI Pass Thru driver; E:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSIMD;wsimd Service; E:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 54432]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2007-02-02 446464]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-07 50344]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre7\bin\jqs.exe [2014-01-19 182696]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; E:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); E:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 ACS;Atheros Configuration Service; E:\WINDOWS\system32\acs.exe [2006-11-17 360533]
S2 ASWLSVC;ASWLSVC; E:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
S2 CmdAgent;Comodo Application Agent; E:\Program Files\Comodo\Firewall\cmdagent.exe []
S2 SkypeUpdate;Skype Updater; E:\instal\SkypePortable\App\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; E:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-14 118896]
S3 NBService;NBService; E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-26 779824]
S3 NMIndexingService;NMIndexingService; E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
S3 ose;Office  Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
E:\instal\SkypePortable\App\Skype\Toolbars

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cc0873a-2254-11e0-ab42-001d60078c14}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

[Slick-ace]

Kód: Vybrat vše

All processes killed
========== FILES ==========
E:\instal\SkypePortable\App\Skype\Toolbars\Shared folder moved successfully.
E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer folder moved successfully.
E:\instal\SkypePortable\App\Skype\Toolbars folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cc0873a-2254-11e0-ab42-001d60078c14}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0cc0873a-2254-11e0-ab42-001d60078c14}\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32969 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Owner
->Temp folder emptied: 2536294 bytes
->Temporary Internet Files folder emptied: 1425465 bytes
->Java cache emptied: 1389811 bytes
->FireFox cache emptied: 141770449 bytes
->Flash cache emptied: 3448 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1500538 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 639018 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 43248204 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 184,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Default User
 
User: LocalService
 
User: NetworkService
 
User: Owner
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
E:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTM by OldTimer - Version 3.1.21.0 log created on 03152014_230222

Files moved on Reboot...
File move failed. E:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Kód: Vybrat vše

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2014-03-15 23:09:31
Microsoft Windows XP Home Edition Service Pack 3
System drive E: has 6 GB (19%) free of 30 GB
Total RAM: 1919 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:09:47, on 15.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21371)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\AVAST Software\Avast\AvastSvc.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Java\jre7\bin\jqs.exe
E:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\Program Files\CyberLink\Shared Files\RichVideo.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\System32\alg.exe
E:\WINDOWS\notepad.exe
E:\WINDOWS\ATK0100\HControl.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\WINDOWS\ATK0100\ATKOSD.exe
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\sm56hlpr.exe
E:\Program Files\Wireless Console 2\wcourier.exe
E:\Program Files\Atheros\ACU.exe
E:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\Program Files\ASUS\WLAN Card Utilities\Center.exe
E:\WINDOWS\system32\ASUSTPE.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\DAEMON Tools Lite\DTLite.exe
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
E:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\instal\totalcmd\TOTALCMD.EXE
E:\instal\RSIT.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe
E:\Program Files\HijackThis\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HControl] E:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] E:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [Wireless Console 2] E:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ACU] "E:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "E:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "E:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Control Center] E:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKCU\..\Run: [ASUSTPE] E:\WINDOWS\system32\ASUSTPE.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Seagate NA4ME34E Product Registration.lnk = ?
O4 - Global Startup: WDSmartWare.lnk.disabled
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363515334145
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: Atheros Configuration Service (ACS) - Atheros - E:\WINDOWS\system32\acs.exe
O23 - Service: ASWLSVC - Unknown owner - E:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - Unknown owner - E:\Program Files\Comodo\Firewall\cmdagent.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - E:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\instal\SkypePortable\App\Skype\Updater\Updater.exe

--
End of file - 10173 bytes

======Scheduled tasks folder======

E:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\Program Files\Java\jre7\bin\ssv.dll [2014-01-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-07 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=E:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"RemoteControl"=E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=E:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"SMSERIAL"=E:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]
"Wireless Console 2"=E:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"ACU"=E:\Program Files\Atheros\ACU.exe [2006-11-17 348249]
"Adobe ARM"=E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"BCSSync"=E:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AvastUI.exe"=E:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-07 3767096]
"Control Center"=E:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-11-10 1725440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUSTPE"=E:\WINDOWS\system32\ASUSTPE.exe [2006-10-14 69632]
"SpybotSD TeaTimer"=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=E:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"PC Suite Tray"=E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
WDSmartWare.lnk.disabled - E:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

E:\Documents and Settings\Owner\Nabídka Start\Programy\Po spuštění
Seagate NA4ME34E Product Registration.lnk - E:\Documents and Settings\Owner\Data aplikací\Leadertech\PowerRegister\Seagate NA4ME34E Product Registration.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2007-02-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"F:\games\CS 1.6\hl.exe"="F:\games\CS 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\WINDOWS\system32\dpvsetup.exe"="E:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"E:\instal\totalcmd\TOTALCMD.EXE"="E:\instal\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"E:\Program Files\CesarFTP\Server.exe"="E:\Program Files\CesarFTP\Server.exe:*:Enabled:Server"
"F:\games\CS 1.6\cstrike.exe"="F:\games\CS 1.6\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"E:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="E:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\SkypePortable\App\Skype\Phone\Skype.exe"="C:\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype "
"E:\instal\JDownloader v0.9581\JDownloader.exe"="E:\instal\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"H:\E\instal\JDownloader v0.9581\JDownloader.exe"="H:\E\instal\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"E:\instal\JDownloader_v0.9581\JDownloader v0.9581\JDownloader.exe"="E:\instal\JDownloader_v0.9581\JDownloader v0.9581\JDownloader.exe:*:Enabled:JDownloader Launcher v4"
"E:\instal\SkypePortable\App\Skype\Phone\Skype.exe"="E:\instal\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype "
"E:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\WINDOWS\KMSEmulator.exe"="E:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"
"E:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="E:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"F:\games\SF III\SFC3.exe"="F:\games\SF III\SFC3.exe:*:Enabled:Starfleet Command III - TNG"
"H:\dokumenty\IRC\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe"="H:\dokumenty\IRC\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe:*:Enabled:X-Chat IRC Client"
"E:\instal\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe"="E:\instal\ychat_ghey_portable_edition\X-Chat 2.8.6-2 Portable for Windows-HiGH\X-Chat 2.exe:*:Enabled:X-Chat IRC Client"
"F:\games\CS 1.6\cstrike\hltv.exe"="F:\games\CS 1.6\cstrike\hltv.exe:*:Enabled:HLTV Launcher"
"F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="F:\games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2014-03-15 23:02:22 ----D---- E:\_OTM
2014-03-15 17:51:23 ----D---- E:\AdwCleaner
2014-03-15 11:12:40 ----A---- E:\WINDOWS\system32\CmdLineExt.dll
2014-03-15 11:10:16 ----A---- E:\WINDOWS\system32\xactengine2_5.dll
2014-03-15 11:10:16 ----A---- E:\WINDOWS\system32\d3dx9_32.dll
2014-03-15 11:10:15 ----A---- E:\WINDOWS\system32\xactengine2_4.dll
2014-03-15 11:10:15 ----A---- E:\WINDOWS\system32\x3daudio1_1.dll
2014-03-15 11:10:14 ----A---- E:\WINDOWS\system32\xinput1_2.dll
2014-03-15 11:10:14 ----A---- E:\WINDOWS\system32\xactengine2_3.dll
2014-03-15 11:10:13 ----A---- E:\WINDOWS\system32\xactengine2_2.dll
2014-03-15 11:10:12 ----A---- E:\WINDOWS\system32\xinput1_1.dll
2014-03-15 11:10:12 ----A---- E:\WINDOWS\system32\xactengine2_1.dll
2014-03-15 11:09:58 ----A---- E:\WINDOWS\system32\xactengine2_0.dll
2014-03-15 11:09:57 ----A---- E:\WINDOWS\system32\x3daudio1_0.dll
2014-03-15 11:09:57 ----A---- E:\WINDOWS\system32\d3dx9_29.dll
2014-03-15 11:09:55 ----A---- E:\WINDOWS\system32\xinput9_1_0.dll
2014-03-15 11:09:55 ----A---- E:\WINDOWS\system32\d3dx9_27.dll
2014-03-15 11:09:54 ----A---- E:\WINDOWS\system32\d3dx9_26.dll
2014-03-15 11:09:53 ----A---- E:\WINDOWS\system32\d3dx9_25.dll
2014-03-15 11:09:51 ----A---- E:\WINDOWS\system32\d3dx9_24.dll

======List of files/folders modified in the last 1 months======

2014-03-15 23:09:33 ----D---- E:\Program Files\HijackThis
2014-03-15 23:09:21 ----A---- E:\WINDOWS\wincmd.ini
2014-03-15 23:06:15 ----D---- E:\WINDOWS\Prefetch
2014-03-15 23:05:58 ----A---- E:\ASWL2K.ini
2014-03-15 23:05:53 ----D---- E:\WINDOWS\Temp
2014-03-15 23:04:50 ----D---- E:\WINDOWS\system32\ias
2014-03-15 23:02:57 ----A---- E:\WINDOWS\SchedLgU.Txt
2014-03-15 23:02:44 ----D---- E:\WINDOWS
2014-03-15 17:52:45 ----RD---- E:\Program Files
2014-03-15 12:51:52 ----D---- E:\WINDOWS\system32
2014-03-15 12:51:52 ----A---- E:\WINDOWS\wininit.ini
2014-03-15 12:27:02 ----D---- E:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-03-15 12:26:30 ----D---- E:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-03-15 12:24:23 ----D---- E:\WINDOWS\Debug
2014-03-15 12:22:09 ----D---- E:\Program Files\CCleaner
2014-03-15 11:16:38 ----HD---- E:\Program Files\InstallShield Installation Information
2014-03-15 11:16:34 ----SHD---- E:\WINDOWS\Installer
2014-03-15 11:16:33 ----D---- E:\Config.Msi
2014-03-15 11:10:19 ----D---- E:\WINDOWS\system32\DirectX
2014-03-15 11:10:17 ----HD---- E:\WINDOWS\inf
2014-03-15 11:10:11 ----RSD---- E:\WINDOWS\assembly
2014-03-15 11:10:01 ----D---- E:\WINDOWS\Microsoft.NET
2014-03-15 11:09:51 ----D---- E:\WINDOWS\system32\CatRoot2
2014-03-14 23:39:05 ----D---- E:\Program Files\Microsoft Silverlight
2014-03-14 23:19:19 ----RSHDC---- E:\WINDOWS\system32\dllcache
2014-03-14 23:19:08 ----D---- E:\Program Files\Internet Explorer
2014-03-14 23:18:27 ----D---- E:\WINDOWS\system32\cs-cz
2014-03-14 23:17:38 ----D---- E:\WINDOWS\ie7updates
2014-02-25 20:16:44 ----SD---- E:\WINDOWS\Tasks
2014-02-25 20:16:36 ----A---- E:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-25 20:12:30 ----D---- E:\Program Files\Mozilla Maintenance Service
2014-02-25 20:08:52 ----D---- E:\Program Files\SearchNewTab
2014-02-23 21:27:56 ----D---- E:\instal
2014-02-22 15:46:00 ----A---- E:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; \??\E:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\E:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\E:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\E:\WINDOWS\system32\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-01-25 218688]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; E:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-09-17 20747]
R2 aswMonFlt;aswMonFlt; \??\E:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\E:\WINDOWS\system32\ASNDIS5.SYS []
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; E:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-02-02 1975296]
R3 BCM43XX;Ovladač síťového adaptéru ASUS 802.11; E:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 CmBatt;Microsoft AC Adapter Driver; E:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 MODEMCSA;Unimodem Streaming Filter Device; E:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; E:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; E:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 smserial;smserial; E:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 SynMini;USB2.0 1.3M WebCam; E:\WINDOWS\System32\Drivers\SynMini.sys [2006-08-09 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image; E:\WINDOWS\System32\Drivers\SynScan.sys [2006-08-09 7808]
R3 tosporte;Bluetooth Port Driver from Toshiba; E:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Ovladač standardního rozbočovače USB; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 CmdMon;Comodo Application Engine; E:\WINDOWS\System32\DRIVERS\cmdmon.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 catchme;catchme; \??\E:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; E:\WINDOWS\System32\Drivers\dtscsi.sys [2007-09-14 223128]
S3 k750bus;Sony Ericsson 750 driver (WDM); E:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; E:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; E:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; E:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\E:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; E:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 RTSTOR;USB Mass Stroage Device; E:\WINDOWS\system32\drivers\RTSTOR.SYS []
S3 Ser2pl;CA-422 Serial port driver; E:\WINDOWS\system32\DRIVERS\ser2pl.sys [2005-03-19 43264]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; E:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; E:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; E:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; E:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; E:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 Tosrfusb;Bluetooth USB Controller; E:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 WDC_SAM;WD SCSI Pass Thru driver; E:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSIMD;wsimd Service; E:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 54432]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2007-02-02 446464]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-07 50344]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre7\bin\jqs.exe [2014-01-19 182696]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; E:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); E:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 ACS;Atheros Configuration Service; E:\WINDOWS\system32\acs.exe [2006-11-17 360533]
S2 ASWLSVC;ASWLSVC; E:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
S2 CmdAgent;Comodo Application Agent; E:\Program Files\Comodo\Firewall\cmdagent.exe []
S2 SkypeUpdate;Skype Updater; E:\instal\SkypePortable\App\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; E:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-14 118896]
S3 NBService;NBService; E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-26 779824]
S3 NMIndexingService;NMIndexingService; E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
S3 ose;Office  Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor E:\Program Files\HijackThis\Owner.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\instal\SkypePortable\App\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O20 - AppInit_DLLs:

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

[Slick-ace]

Hotovo, žádný kontrolní log mi tu nevyskočil.

[Rudy]

Tady žádný nevyskočí. Teď otevřte adresář E:\windows\minidump, jeho obsah zabalte do raru a přilložte k vašemu příštímu postu.

[Slick-ace]

Ok, přiloženo:

[Rudy]

Adresář je prázdný. Hlídejte teď chod PC a v případě nějaké anomálie se ozvěte.

[Slick-ace]

Ok, díky moc za váš čas a pomoc.

[Rudy]

Rádo se stalo!