Please check my log - slow PC

#1 Post by BloodLuke »

Hi, could you please help me? I have problems when I play the game TF2. When I start the game and then close it again, the PC is very sluggish, e.g. when opening the browser I have to wait up to 1-2 min. before it recovers. I think there is something wrong with my PC, or the game is very demanding. Yesterday I ran an Avast scan and I had 3 viruses. :( And for about a week or two my internet connection has been acting up (high ping).

Here is the log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by BoodLuke at 2014-04-17 13:55:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 215 GB (45%) free of 477 GB
Total RAM: 3583 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:51, on 17.4.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Surftastic\bin\utilSurftastic.exe
C:\Program Files\Surftastic\bin\Surftastic.BrowserAdapter.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Surftastic\bin\FilterApp_C.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Surftastic\updateSurftastic.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\BoodLuke\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\BoodLuke.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5187
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files\Surftastic\Surftasticbho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Update Surftastic - Unknown owner - C:\Program Files\Surftastic\updateSurftastic.exe
O23 - Service: Util Surftastic - Unknown owner - C:\Program Files\Surftastic\bin\utilSurftastic.exe

--
End of file - 7122 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AmiUpdXp.job
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-46EC-44A7-9B6B-6777D338F665} for BoodLuke.job
C:\WINDOWS\tasks\Auslogics Disk Defrag Prof Task {00000001-9B89-48AF-A87B-53413E3B5CA9} for BoodLuke.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\BoodLuke\Data aplikací\Mozilla\Firefox\Profiles\8il94vqn.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5187"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"ext@MediaWatchV1home9180.net"=C:\Program Files\MediaWatchV1\MediaWatchV1home9180\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1210150.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.449]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nprpjplug.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\BoodLuke\Data aplikací\Mozilla\Firefox\Profiles\8il94vqn.default\extensions\
ascsurfingprotection@iobit.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\BoodLuke\Data aplikací\Mozilla\Firefox\Profiles\8il94vqn.default\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]
Surftastic - C:\Program Files\Surftastic\Surftasticbho.dll [2014-03-28 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"XFast LAN"=C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2011-10-19 1202560]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2014-02-07 311616]
"VX1000"=C:\WINDOWS\vVX1000.exe [2010-05-20 762736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2014-02-07 1564992]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131121]
C:\Program Files\AVAST Software\Avast\setup\emupdate\0bbbe67a-3659-4e7e-ba02-40257a75237f.exe [2013-11-25 180184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\WINDOWS\AutoKMS.exe [2014-01-15 615936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosSpeed]
C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2011-10-19 1202560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Documents and Settings\BoodLuke\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Documents and Settings\BoodLuke\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files\Origin\Origin.exe [2013-10-22 3561816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [2008-02-05 188928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Documents and Settings\BoodLuke\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2013-07-23 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GB_UPDATE]
C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05 2051688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2013-05-31 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-01 2345296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-09-24 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\steam.exe [2014-02-25 1821888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
C:\WINDOWS\vVX1000.exe [2010-05-20 762736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
C:\PROGRA~1\Edimax\Common\RaUI.exe [2010-01-13 1638400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^BoodLuke^Nabídka Start^Programy^Po spuštění^hamachi.lnk]
C:\PROGRA~1\Hamachi\hamachi.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^BoodLuke^Nabídka Start^Programy^Po spuštění^PSPdisp.lnk]
C:\PROGRA~1\PSPdisp\bin\app\PSPdisp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TeamViewer8"=2
"SwitchBoard"=3
"SkypeUpdate"=2
"RalinkRegistryWriter"=2
"PnkBstrB"=2
"PnkBstrA"=3
"NAUpdate"=2
"MSCamSvc"=2
"MozillaMaintenance"=3
"iPod Service"=3
"idsvc"=3
"IDriverT"=3
"Hamachi2Svc"=3
"gupdatem"=3
"gupdate"=2
"cFosSpeedS"=2
"Bonjour Service"=2
"Ati HotKey Poller"=2
"Apple Mobile Device"=2
"AdobeFlashPlayerUpdateSvc"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2013-09-24 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04)"
"C:\Program Files\WarThunder\launcher.exe"="C:\Program Files\WarThunder\launcher.exe:*:Enabled:War Thunder Launcher"
"C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe"="C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe:*:Enabled:Team Fortress 2"
"C:\Program Files\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe"="C:\Program Files\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe:*:Enabled:Serious Sam HD: The First Encounter"
"C:\Program Files\Steam\SteamApps\common\serious sam hd the second encounter\Bin\SamHD_TSE.exe"="C:\Program Files\Steam\SteamApps\common\serious sam hd the second encounter\Bin\SamHD_TSE.exe:*:Enabled:Serious Sam HD: The Second Encounter"
"C:\Program Files\Steam\SteamApps\common\serious sam hd the second encounter\Bin\SamHD_TSE_Unrestricted.exe"="C:\Program Files\Steam\SteamApps\common\serious sam hd the second encounter\Bin\SamHD_TSE_Unrestricted.exe:*:Enabled:Serious Sam HD: The Second Encounter"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Documents and Settings\BoodLuke\Plocha\7.Days.To.Die.Alpha.5.Steam.Edition.Fixed-3DM\7 Days To Die\7DaysToDie.exe"="C:\Documents and Settings\BoodLuke\Plocha\7.Days.To.Die.Alpha.5.Steam.Edition.Fixed-3DM\7 Days To Die\7DaysToDie.exe:*:Enabled:7DaysToDie"
"C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe"="C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2"
"C:\Documents and Settings\BoodLuke\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\BoodLuke\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\KMSEmulator.exe"="C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"
"C:\Program Files\Steam\SteamApps\common\ARMA Gold\arma.exe"="C:\Program Files\Steam\SteamApps\common\ARMA Gold\arma.exe:*:Enabled:Arma: Gold Edition"
"C:\Program Files\Steam\SteamApps\common\Operation Flashpoint Red River\RedRiverLauncher.exe"="C:\Program Files\Steam\SteamApps\common\Operation Flashpoint Red River\RedRiverLauncher.exe:*:Enabled:Operation Flashpoint: Red River"
"C:\Program Files\Steam\SteamApps\common\Operation Flashpoint Red River\RedRiver.exe"="C:\Program Files\Steam\SteamApps\common\Operation Flashpoint Red River\RedRiver.exe:*:Enabled:RedRiver"
"C:\Program Files\Steam\SteamApps\common\lost planet extreme condition\LostPlanetDX9.exe"="C:\Program Files\Steam\SteamApps\common\lost planet extreme condition\LostPlanetDX9.exe:*:Enabled:Lost Planet: Extreme Condition"
"C:\Program Files\Steam\SteamApps\common\lost planet extreme condition\LostPlanetDX10.exe"="C:\Program Files\Steam\SteamApps\common\lost planet extreme condition\LostPlanetDX10.exe:*:Enabled:Lost Planet: Extreme Condition"
"C:\Documents and Settings\BoodLuke\Plocha\LOL\nc.exe"="C:\Documents and Settings\BoodLuke\Plocha\LOL\nc.exe:*:Enabled:nc"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\Steam\SteamApps\common\Mount and Blade\runme.exe"="C:\Program Files\Steam\SteamApps\common\Mount and Blade\runme.exe:*:Enabled:Mount & Blade"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Program Files\Goat Simulator\Binaries\Win32\GoatGame-Win32-Shipping.exe"="C:\Program Files\Goat Simulator\Binaries\Win32\GoatGame-Win32-Shipping.exe:*:Enabled:GoatGame-Win32-Shipping"
"C:\Program Files\Steam\SteamApps\common\Dear Esther\dearesther.exe"="C:\Program Files\Steam\SteamApps\common\Dear Esther\dearesther.exe:*:Enabled:Dear Esther"
"C:\Program Files\Steam\SteamApps\common\Velvet Assassin\Launcher.exe"="C:\Program Files\Steam\SteamApps\common\Velvet Assassin\Launcher.exe:*:Enabled:Velvet Assassin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.xtor"=DxtoryCodec.dll
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.DIVX"=divx.dll
"vidc.yv12"=yv12vfw.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-04-17 13:55:44 ----D---- C:\rsit
2014-04-16 17:06:26 ----D---- C:\Program Files\AGEIA Technologies
2014-04-10 20:09:41 ----D---- C:\Documents and Settings\BoodLuke\Data aplikací\.minecraft
2014-04-04 14:36:57 ----A---- C:\WINDOWS\system32\roboot.exe
2014-04-03 20:14:06 ----D---- C:\Program Files\Goat Simulator
2014-03-31 18:05:23 ----D---- C:\Program Files\MyFree Codec
2014-03-31 18:04:53 ----A---- C:\WINDOWS\system32\Redemption.dll
2014-03-31 18:04:46 ----A---- C:\WINDOWS\system32\drivers\dgderdrv.sys
2014-03-31 18:04:46 ----A---- C:\WINDOWS\system32\dgderapi.dll
2014-03-31 16:26:03 ----D---- C:\Program Files\MediaWatchV1
2014-03-30 12:01:35 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-03-30 12:01:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2014-03-30 12:00:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2014-03-30 01:53:05 ----D---- C:\WINDOWS\system32\Adobe
2014-03-28 22:07:11 ----A---- C:\WINDOWS\system32\drivers\tStLibG.sys
2014-03-28 20:35:58 ----D---- C:\Program Files\Surftastic
2014-03-28 20:35:18 ----D---- C:\Documents and Settings\BoodLuke\Data aplikací\cd957b16-9b11-4541-bfae-414fbb5b2326
2014-03-26 15:21:52 ----D---- C:\Program Files\Common Files\Skype
2014-03-23 18:09:25 ----D---- C:\Documents and Settings\BoodLuke\Data aplikací\Mount&Blade

======List of files/folders modified in the last 1 month======

2014-04-17 13:55:49 ----D---- C:\Program Files\trend micro
2014-04-17 13:55:37 ----D---- C:\WINDOWS\Prefetch
2014-04-17 13:50:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-04-17 13:25:31 ----D---- C:\Documents and Settings\BoodLuke\Data aplikací\Skype
2014-04-17 12:27:01 ----A---- C:\WINDOWS\win.ini
2014-04-17 12:24:45 ----D---- C:\WINDOWS\temp
2014-04-17 12:24:26 ----D---- C:\WINDOWS
2014-04-17 12:24:19 ----D---- C:\WINDOWS\system32\CatRoot2
2014-04-16 18:24:39 ----D---- C:\Program Files\Steam
2014-04-16 17:06:31 ----SHD---- C:\WINDOWS\Installer
2014-04-16 17:06:31 ----D---- C:\Config.Msi
2014-04-16 17:06:26 ----RD---- C:\Program Files
2014-04-16 17:06:26 ----D---- C:\Program Files\NVIDIA Corporation
2014-04-16 17:06:26 ----D---- C:\Program Files\Common Files
2014-04-16 17:05:26 ----D---- C:\WINDOWS\system32
2014-04-16 17:04:25 ----HD---- C:\WINDOWS\inf
2014-04-16 17:04:17 ----D---- C:\WINDOWS\system32\DirectX
2014-04-13 11:55:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2014-04-11 15:24:16 ----SD---- C:\WINDOWS\Tasks
2014-04-11 15:23:59 ----D---- C:\WINDOWS\security
2014-04-04 14:52:46 ----RSD---- C:\WINDOWS\assembly
2014-04-04 14:48:02 ----D---- C:\WINDOWS\Logs
2014-04-03 15:03:34 ----D---- C:\Documents and Settings\BoodLuke\Data aplikací\uTorrent
2014-03-31 20:50:09 ----D---- C:\Program Files\WarThunder
2014-03-31 18:08:57 ----D---- C:\WINDOWS\Microsoft.NET
2014-03-31 18:06:38 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-03-31 18:04:46 ----D---- C:\WINDOWS\system32\drivers
2014-03-31 18:04:44 ----HD---- C:\Program Files\InstallShield Installation Information
2014-03-31 18:04:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2014-03-31 18:04:11 ----D---- C:\Program Files\SAMSUNG
2014-03-30 11:59:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-26 15:21:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2014-03-26 15:21:52 ----RD---- C:\Program Files\Skype
2014-03-24 20:57:23 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-23 00:29:35 ----D---- C:\Program Files\SpeedFan
2014-03-22 22:24:21 ----D---- C:\Documents and Settings\BoodLuke\Data aplikací\TS3Client
2014-03-22 22:14:58 ----D---- C:\Program Files\IObit
2014-03-22 20:57:46 ----RASH---- C:\boot.ini
2014-03-22 20:57:46 ----A---- C:\WINDOWS\system.ini
2014-03-22 20:46:39 ----D---- C:\AdwCleaner
2014-03-19 19:02:17 ----D---- C:\Documents and Settings\BoodLuke\Data aplikací\28580
2014-03-18 15:29:09 ----D---- C:\WINDOWS\system32\CatRoot
2014-03-18 15:19:47 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-11-24 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-11-24 178304]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2012-12-29 24184]
R1 AswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 tStLibG;tStLibG; C:\WINDOWS\system32\drivers\tStLibG.sys [2014-03-28 55232]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; \??\C:\WINDOWS\system32\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Scutum50;Scutum50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\Scutum50.sys [2009-10-06 19072]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2013-09-24 6852096]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-05-14 103040]
R3 cFosSpeed;cFosSpeed Miniport; C:\WINDOWS\system32\DRIVERS\cfosspeed.sys [2011-07-04 1156992]
R3 dc3d;MS Hardware Device Detection Driver; C:\WINDOWS\system32\DRIVERS\dc3d.sys [2014-03-12 45288]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2014-03-12 21784]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-25 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-25 22016]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2014-03-12 40936]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2012-12-17 1617408]
R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2010-05-20 1961072]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2012-12-17 1656960]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2012-06-27 30312]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-05-17 101904]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2013-11-03 25280]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2010-10-02 35392]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter_hs.sys [2010-06-28 9216]
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2012-12-17 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pspdisp;pspdisp; C:\WINDOWS\system32\DRIVERS\pspdisp.sys [2011-01-18 3072]
S3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2012-08-24 2699488]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\WNt500x86\Sandra.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2012-06-27 114280]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-24 50344]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-08-26 375056]
R2 Update Surftastic;Update Surftastic; C:\Program Files\Surftastic\updateSurftastic.exe [2014-04-17 350496]
R2 Util Surftastic;Util Surftastic; C:\Program Files\Surftastic\bin\utilSurftastic.exe [2014-04-17 350496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-17 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-17 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe [2008-01-29 72344]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-24 257928]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2013-09-24 643072]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
S4 cFosSpeedS;cFosSpeed System Service; C:\Program Files\ASRock\XFast LAN\spd.exe [2011-10-19 359808]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2013-10-01 1612112]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 553288]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 115608]
S4 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
S4 NAUpdate;Nero Update; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2014-01-28 75064]
S4 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2014-01-28 214520]
S4 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\Edimax\Common\RaRegistry.exe [2009-12-17 185632]
S4 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check - slow PC

#2 Post by Roli »

Hello, first of all, uninstall everything from IObit.


Delete unneeded files

using CCleaner

Instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before use I recommend making the backup of it that CCleaner offers)

The registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

A window with the license terms then appears, which you confirm by clicking Yes,

then click Yes once more and it starts running.

The whole process takes about 10 minutes but can take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can block it.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, an illustrated guide is HERE.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

BloodLuke
Visitor
Posts: 75
Registered: 23 Mar 2013 16:37

Re: Please check - slow PC

#3 Post by BloodLuke »

ComboFix 14-04-17.01 - BoodLuke 18.04.2014 0:05.3.3 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3583.2725 [GMT 2:00]
Spuštěný z: c:\documents and settings\BoodLuke\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\MediaWatchV1
c:\program files\MediaWatchV1\MediaWatchV1home9180\ff\chrome.manifest
c:\program files\MediaWatchV1\MediaWatchV1home9180\ff\chrome\content\ffMediaWatchV1home9180.js
c:\program files\MediaWatchV1\MediaWatchV1home9180\ff\chrome\content\ffMediaWatchV1home9180ffaction.js
c:\program files\MediaWatchV1\MediaWatchV1home9180\ff\chrome\content\icons\default\MediaWatchV1home9180_32.png
c:\program files\MediaWatchV1\MediaWatchV1home9180\ff\chrome\content\icons\Thumbs.db
c:\program files\MediaWatchV1\MediaWatchV1home9180\ff\chrome\content\overlay.xul
c:\program files\MediaWatchV1\MediaWatchV1home9180\ff\install.rdf
c:\program files\MediaWatchV1\MediaWatchV1home9180\ch\MediaWatchV1home9180.crx
c:\windows\msmqinst.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-17 do 2014-04-17 )))))))))))))))))))))))))))))))
.
.
2014-04-17 11:55 . 2014-04-17 11:55 -------- d-----w- C:\rsit
2014-04-16 15:06 . 2014-04-16 15:06 -------- d-----w- c:\program files\AGEIA Technologies
2014-04-10 18:09 . 2014-04-17 11:49 -------- d-----w- c:\documents and settings\BoodLuke\Data aplikací\.minecraft
2014-04-04 12:36 . 2014-02-13 15:56 17344 ----a-w- c:\windows\system32\roboot.exe
2014-04-03 18:14 . 2014-04-03 18:14 -------- d-----w- c:\program files\Goat Simulator
2014-03-31 16:06 . 2008-04-14 08:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2014-03-31 16:05 . 2014-03-31 16:05 -------- d-----w- c:\program files\MyFree Codec
2014-03-31 16:04 . 2014-02-07 14:33 4659712 ----a-w- c:\windows\system32\Redemption.dll
2014-03-31 16:04 . 2014-01-23 16:31 821824 ----a-w- c:\windows\system32\dgderapi.dll
2014-03-31 16:04 . 2014-01-23 16:31 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2014-03-31 16:03 . 2014-03-31 16:03 -------- d-----w- c:\documents and settings\BoodLuke\Local Settings\Data aplikací\Downloaded Installations
2014-03-30 10:01 . 2014-03-30 10:43 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-03-30 10:01 . 2014-03-30 10:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2014-03-29 23:53 . 2014-03-29 23:53 -------- d-----w- c:\windows\system32\Adobe
2014-03-28 20:07 . 2014-03-28 20:07 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2014-03-28 20:07 . 2014-03-28 20:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2014-03-28 20:07 . 2014-03-28 20:07 55232 ----a-w- c:\windows\system32\drivers\tStLibG.sys
2014-03-28 18:35 . 2014-03-29 10:05 -------- d-----w- c:\program files\Surftastic
2014-03-28 18:35 . 2014-03-28 18:35 -------- d-----w- c:\documents and settings\BoodLuke\Data aplikací\cd957b16-9b11-4541-bfae-414fbb5b2326
2014-03-26 13:21 . 2014-03-26 13:21 -------- d-----w- c:\documents and settings\BoodLuke\Local Settings\Data aplikací\Skype
2014-03-26 13:21 . 2014-03-26 13:21 -------- d-----w- c:\program files\Common Files\Skype
2014-03-23 16:09 . 2014-03-23 16:23 -------- d-----w- c:\documents and settings\BoodLuke\Data aplikací\Mount&Blade
2014-03-23 10:37 . 2014-03-23 10:37 -------- d-----w- c:\documents and settings\BoodLuke\workspace
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-24 18:57 . 2013-03-09 11:04 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-24 18:57 . 2013-03-09 11:04 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 11:33 . 2012-12-17 17:25 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
2014-03-12 11:33 . 2013-07-22 21:05 600680 ----a-w- c:\windows\system32\nvunrm.exe
2014-03-12 11:33 . 2014-03-12 11:33 40936 ----a-w- c:\windows\system32\drivers\point32.sys
2014-03-12 11:33 . 2014-03-12 11:33 45288 ----a-w- c:\windows\system32\drivers\dc3d.sys
2014-03-12 11:32 . 2014-03-12 11:32 21784 ----a-w- c:\windows\system32\drivers\nuidfltr.sys
2014-02-03 20:08 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2014-02-03 20:08 . 2009-08-18 10:24 22240 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-01-28 19:38 . 2012-12-18 15:37 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-01-28 19:38 . 2012-12-18 16:29 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2014-01-28 19:38 . 2012-12-18 15:37 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-01-28 19:37 . 2012-12-18 15:37 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2014-01-23 16:31 . 2014-01-23 16:31 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2014-01-23 16:31 . 2014-01-23 16:31 330240 ----a-w- c:\windows\MASetupCaller.dll
2014-01-23 16:31 . 2014-01-23 16:31 30568 ----a-w- c:\windows\MusiccityDownload.exe
2014-01-23 16:31 . 2014-01-23 16:31 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2014-01-23 16:31 . 2014-01-23 16:31 135168 ----a-w- c:\windows\system32\muzaf1.dll
2014-01-23 16:31 . 2014-01-23 16:31 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2014-01-23 16:31 . 2014-01-23 16:31 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2014-01-23 16:31 . 2014-01-23 16:31 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2014-01-23 16:31 . 2014-01-23 16:31 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2014-01-23 16:31 . 2014-01-23 16:31 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2014-01-23 16:31 . 2014-01-23 16:31 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2014-01-23 16:31 . 2014-01-23 16:31 569344 ----a-w- c:\windows\system32\muzdecode.ax
2014-01-23 16:31 . 2014-01-23 16:31 491520 ----a-w- c:\windows\system32\muzapp.dll
2014-01-23 16:31 . 2014-01-23 16:31 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2014-01-23 16:31 . 2014-01-23 16:31 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
2014-01-23 16:31 . 2014-01-23 16:31 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2014-01-23 16:31 . 2014-01-23 16:31 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2014-01-23 16:31 . 2014-01-23 16:31 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2014-01-23 16:31 . 2014-01-23 16:31 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2014-01-23 16:31 . 2014-01-23 16:31 245760 ----a-w- c:\windows\system32\MSCLib.dll
2014-01-23 16:31 . 2014-01-23 16:31 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2014-01-23 16:31 . 2014-01-23 16:31 200704 ----a-w- c:\windows\system32\muzwmts.dll
2014-01-23 16:31 . 2014-01-23 16:31 172032 ----a-w- c:\windows\system32\muzapp.exe
2014-01-23 16:31 . 2014-01-23 16:31 155648 ----a-w- c:\windows\system32\MSFLib.dll
2014-01-23 16:31 . 2014-01-23 16:31 143360 ----a-w- c:\windows\system32\3DAudio.ax
2014-01-23 16:31 . 2014-01-23 16:31 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2014-01-23 16:31 . 2014-01-23 16:31 122880 ----a-w- c:\windows\system32\muzeffect.ax
2014-01-23 16:31 . 2014-01-23 16:31 118784 ----a-w- c:\windows\system32\MaDRM.dll
2014-01-23 16:31 . 2014-01-23 16:31 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2014-01-23 16:31 . 2012-12-17 17:02 319456 ----a-w- c:\windows\system32\difxapi.dll
2014-01-19 13:41 . 2014-01-19 13:41 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2014-01-19 13:41 . 2014-01-19 13:41 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2013-11-15 20:46 . 2013-11-15 20:45 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-07-25 10:16 35320 --sha-w- c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2013-04-21 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\TCPIP.SYS
[-] 2013-04-21 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\TCPIP.SYS
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2509553$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-24 17:59 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2014-02-07 1564992]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-06-07 774680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XFast LAN"="c:\program files\ASRock\XFast LAN\cFosSpeed.exe" [2011-10-19 1202560]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2014-02-07 311616]
"VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^BoodLuke^Nabídka Start^Programy^Po spuštění^hamachi.lnk]
path=c:\documents and settings\BoodLuke\Nabídka Start\Programy\Po spuštění\hamachi.lnk
backup=c:\windows\pss\hamachi.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^BoodLuke^Nabídka Start^Programy^Po spuštění^PSPdisp.lnk]
path=c:\documents and settings\BoodLuke\Nabídka Start\Programy\Po spuštění\PSPdisp.lnk
backup=c:\windows\pss\PSPdisp.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131121]
2013-11-25 15:32 180184 ----a-w- c:\program files\AVAST Software\Avast\Setup\emupdate\0bbbe67a-3659-4e7e-ba02-40257a75237f.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 04:09 446392 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2012-03-09 14:26 1073312 ----a-w- c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
2014-01-15 21:06 615936 ----a-w- c:\windows\AutoKMS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2012-11-05 14:27 89184 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosSpeed]
2011-10-19 14:19 1202560 ----a-r- c:\program files\ASRock\XFast LAN\cfosspeed.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
2008-04-14 08:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 08:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
c:\documents and settings\BoodLuke\Data aplikací\Seznam.cz\bin\wszndesktop.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
2013-10-22 19:54 3561816 ----a-w- c:\program files\Origin\Origin.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
2008-02-05 15:00 188928 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-07-23 09:55 138096 ----atw- c:\documents and settings\BoodLuke\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GB_UPDATE]
2013-06-05 14:37 2051688 ----a-w- c:\program files\Razer\Razer Game Booster\AutoUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2010-05-20 13:27 119152 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-10-01 14:51 2345296 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
2013-05-16 13:25 1062472 ----a-w- c:\program files\Seznam.cz\distribution\szninstall.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2013-09-24 09:33 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2014-02-25 21:57 1821888 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
2010-05-20 13:27 762736 ----a-w- c:\windows\vVX1000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2013-06-07 14:51 774680 ----a-w- c:\program files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TeamViewer8"=2 (0x2)
"SwitchBoard"=3 (0x3)
"SkypeUpdate"=2 (0x2)
"RalinkRegistryWriter"=2 (0x2)
"PnkBstrB"=2 (0x2)
"PnkBstrA"=3 (0x3)
"NAUpdate"=2 (0x2)
"MSCamSvc"=2 (0x2)
"MozillaMaintenance"=3 (0x3)
"iPod Service"=3 (0x3)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"Hamachi2Svc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"cFosSpeedS"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\WarThunder\\launcher.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Team Fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Serious Sam HD The First Encounter\\Bin\\SamHD.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\serious sam hd the second encounter\\Bin\\SamHD_TSE.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\serious sam hd the second encounter\\Bin\\SamHD_TSE_Unrestricted.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Left 4 Dead 2\\left4dead2.exe"=
"c:\\Documents and Settings\\BoodLuke\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Steam\\SteamApps\\common\\lost planet extreme condition\\LostPlanetDX9.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\lost planet extreme condition\\LostPlanetDX10.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2014.SP1\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2014.SP1\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Mount and Blade\\runme.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Goat Simulator\\Binaries\\Win32\\GoatGame-Win32-Shipping.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Dear Esther\\dearesther.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [5.3.2013 23:34 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [5.3.2013 23:34 178304]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.12.2012 19:27 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17.12.2012 19:27 403440]
R1 tStLibG;tStLibG;c:\windows\system32\drivers\tStLibG.sys [28.3.2014 22:07 55232]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.12.2012 19:27 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [5.3.2013 23:34 70384]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [26.8.2013 17:46 375056]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [31.3.2013 20:16 19072]
R2 Update Surftastic;Update Surftastic;c:\program files\Surftastic\updateSurftastic.exe [28.3.2014 2:11 350496]
R2 Util Surftastic;Util Surftastic;c:\program files\Surftastic\bin\utilSurftastic.exe [28.3.2014 21:36 350496]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [30.5.2013 16:10 103040]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [12.3.2014 13:33 45288]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [25.11.2009 21:57 1617408]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [15.11.2013 22:55 2151200]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23.10.2013 9:15 172192]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [26.6.2009 16:29 1656960]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6.2.2013 18:34 30312]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2.10.2010 10:09 35392]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [8.1.2013 15:33 9216]
S3 pspdisp;pspdisp;c:\windows\system32\drivers\pspdisp.sys [18.1.2011 15:47 3072]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [24.8.2012 6:37 2699488]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe [16.3.2014 18:09 72344]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6.2.2013 18:34 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6.2.2013 18:34 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6.2.2013 18:34 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [6.2.2013 18:34 114280]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\Razer\Razer Game Booster\Driver\WinRing0.sys [16.5.2013 20:31 14416]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [1.10.2013 16:51 1612112]
S4 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [13.7.2012 17:27 769432]
S4 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
S4 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [28.4.2013 13:54 3574624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 17:53 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-09 18:57]
.
2014-04-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-12-17 17:59]
.
2014-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-17 16:44]
.
2014-04-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-17 16:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 3&tsp=5187
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\BoodLuke\Data aplikací\Mozilla\Firefox\Profiles\8il94vqn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 3&tsp=5187
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2014-03-28 21:36; {01531192-f7ef-415f-a549-cfdb11836731}; c:\documents and settings\BoodLuke\Data aplikací\Mozilla\Firefox\Profiles\8il94vqn.default\extensions\{01531192-f7ef-415f-a549-cfdb11836731}.xpi
FF - ExtSQL: 2014-03-31 16:26; ext@MediaWatchV1home9180.net; c:\program files\MediaWatchV1\MediaWatchV1home9180\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-APSDaemon - c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
MSConfigStartUp-cz.seznam.software - c:\documents and settings\BoodLuke\Data aplikací\Seznam.cz\szninstall.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-18 00:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1108)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2014-04-18 00:17:53
ComboFix-quarantined-files.txt 2014-04-17 22:17
ComboFix2.txt 2013-12-19 20:01
ComboFix3.txt 2013-12-19 19:27
.
Před spuštěním: Volných bajtů: 259 960 377 344
Po spuštění: Volných bajtů: 259 941 343 232
.
- - End Of File - - C03CB92C33257C366A67DF8B9ACC2935
413FC2A0C716421B3158746D63736515

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check - slow PC

#4 Post by Roli »

So what are we going to do about that illegal Microsoft product?

#5 Post by BloodLuke »

Well, I don't know, I'd rather not format the disk :/. Is there any difference between a legal and an illegal one? Speed, updates, etc.?

CarrioSs
Visitor
Posts: 22
Registered: 04 Mar 2014 21:16

#6 Post by CarrioSs »

BloodLuke, please write to me at the email ............@gmail.com

#7 Post by Roli »

BloodLuke wrote: Well, I don't know, I'd rather not format the disk :/. Is there any difference between a legal and an illegal one? Speed, updates, etc.?
Yes, there is: we don't support illegal Microsoft products here. Surely there's no need to format the disk just to uninstall Microsoft Office, is there?

#8 Post by Roli »

CarrioSs wrote: BloodLuke, please write to me at the email ............@gmail.com
I think we'll sort it out here ourselves :wink:

#9 Post by BloodLuke »

I thought you meant Windows XP. I use Microsoft Office for school when needed, and there's no particular problem with M.O. updates. :)

#10 Post by Roli »

BloodLuke wrote: I use Microsoft Office for school when needed, and there's no particular problem with M.O. updates. :)
So uninstall that cracked Office, okay.

If you haven't done so already, move ComboFix to the desktop

open Notepad

copy the script from the following box into it:

Code:

File::  
c:\windows\system32\roboot.exe
c:\windows\AutoKMS.exe

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]

Folder::
c:\program files\IObit

Driver::
LiveUpdateSvc

FireFox::
FF - ProfilePath - c:\documents and settings\BoodLuke\Data aplikací\Mozilla\Firefox\Profiles\8il94vqn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5187

save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, where you drop it.

After it runs, another log will pop up; copy it here

Warning: it may happen that after applying the script and restarting, Windows will not boot,

in that case restart again while pressing F8, then choose Last Known Good Configuration

#11 Post by BloodLuke »

Unfortunately I had to restart the PC (it wasn't responding)

2014-03-12 12:32:35 921 [PROGRESS] ForceDirectory "C:\Documents and Settings" exists,SetFileAttributes NORMAL
2014-03-12 12:32:35 921 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke" exists,SetFileAttributes NORMAL
2014-03-12 12:32:35 921 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací" exists,SetFileAttributes NORMAL
2014-03-12 12:32:35 921 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit" exists,SetFileAttributes NORMAL
2014-03-12 12:32:35 921 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit\Driver Booster" exists,SetFileAttributes NORMAL
2014-03-12 12:32:35 937 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit\Driver Booster\Logs" exists,SetFileAttributes NORMAL
2014-03-12 12:33:06 593 [PROGRESS] ForceDirectory "C:\Documents and Settings" exists,SetFileAttributes NORMAL
2014-03-12 12:33:06 593 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke" exists,SetFileAttributes NORMAL
2014-03-12 12:33:06 593 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací" exists,SetFileAttributes NORMAL
2014-03-12 12:33:06 593 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit" exists,SetFileAttributes NORMAL
2014-03-12 12:33:06 593 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit\Driver Booster" exists,SetFileAttributes NORMAL
2014-03-12 12:33:06 593 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit\Driver Booster\Logs" exists,SetFileAttributes NORMAL
2014-03-12 12:33:42 531 [PROGRESS] ForceDirectory "C:\Documents and Settings" exists,SetFileAttributes NORMAL
2014-03-12 12:33:42 531 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke" exists,SetFileAttributes NORMAL
2014-03-12 12:33:42 531 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací" exists,SetFileAttributes NORMAL
2014-03-12 12:33:42 531 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit" exists,SetFileAttributes NORMAL
2014-03-12 12:33:42 531 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit\Driver Booster" exists,SetFileAttributes NORMAL
2014-03-12 12:33:42 531 [PROGRESS] ForceDirectory "C:\Documents and Settings\BoodLuke\Data aplikací\IObit\Driver Booster\Logs" exists,SetFileAttributes NORMAL

#12 Post by Roli »

Then try using ComboFix with the script in Safe Mode.

#13 Post by BloodLuke »

ComboFix 14-04-17.01 - BoodLuke 24.04.2014 20:23:51.5.3 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3583.2604 [GMT 2:00]
Spuštěný z: c:\documents and settings\BoodLuke\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\BoodLuke\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\AutoKMS.exe"
"c:\windows\system32\roboot.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 6\ASCInit.log
c:\program files\IObit\Advanced SystemCare 6\ASCPatch.exe
c:\program files\IObit\Advanced SystemCare 6\ASCService_Log.txt
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-01.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-02.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-03.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-04.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-05.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-06.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-07.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-08.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-09.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-10.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-11.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-12.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-13.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-14.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2013-06-15.log
c:\program files\IObit\Advanced SystemCare 6\AutoSweeper.log
c:\program files\IObit\Advanced SystemCare 6\AutoUpdate.log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2013-04-14(11-30-42).log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2013-04-22(18-13-52).log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2013-05-10(18-02-18).log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2013-05-18(11-58-02).log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2013-06-12(20-55-19).log
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\asc.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\icon_gray.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\ie_risk.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\ie_safe.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\ie_tip_details.gif
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\ie_wraningBg.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\popbox_btn_close.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\popbox_btn_ok.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\risk.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\risk_logo.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\safe.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\safe_logo.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\tip_details.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\window_risk.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\window_safe.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\wraningBg.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
c:\program files\IObit\Advanced SystemCare 6\Extensions.plist
c:\program files\IObit\Advanced SystemCare 6\checkinfo.txt
c:\program files\IObit\Advanced SystemCare 6\LatestNews\imagenews.png
c:\program files\IObit\Advanced SystemCare 6\LatestNews\LatestNews.ini
c:\program files\IObit\Advanced SystemCare 6\MalwareScan.log
c:\program files\IObit\Advanced SystemCare 6\newyear.exe
c:\program files\IObit\Advanced SystemCare 6\SecurityHoleScan.log
c:\program files\IObit\Advanced SystemCare 6\sh.dat
c:\program files\IObit\Advanced SystemCare 6\Suc13_FileShredder.exe
c:\program files\IObit\Advanced SystemCare 6\UninstallPromote.log
c:\program files\IObit\Advanced SystemCare 6\UpdateLicense.log
c:\program files\IObit\LiveUpdate\Language\Arabic.lng
c:\program files\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files\IObit\LiveUpdate\Language\Czech.lng
c:\program files\IObit\LiveUpdate\Language\Danish.lng
c:\program files\IObit\LiveUpdate\Language\Dinka.lng
c:\program files\IObit\LiveUpdate\Language\Dutch.lng
c:\program files\IObit\LiveUpdate\Language\English.lng
c:\program files\IObit\LiveUpdate\Language\Finnish.lng
c:\program files\IObit\LiveUpdate\Language\French.lng
c:\program files\IObit\LiveUpdate\Language\German.lng
c:\program files\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files\IObit\LiveUpdate\Language\Italian.lng
c:\program files\IObit\LiveUpdate\Language\Japanese.lng
c:\program files\IObit\LiveUpdate\Language\Korean.lng
c:\program files\IObit\LiveUpdate\Language\Latvian.lng
c:\program files\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files\IObit\LiveUpdate\Language\Polish.lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files\IObit\LiveUpdate\Language\Romanian.lng
c:\program files\IObit\LiveUpdate\Language\Russian.lng
c:\program files\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files\IObit\LiveUpdate\Language\Slovak.lng
c:\program files\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files\IObit\LiveUpdate\Language\Spanish.lng
c:\program files\IObit\LiveUpdate\Language\Swedish.lng
c:\program files\IObit\LiveUpdate\Language\Turkish.lng
c:\program files\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files\IObit\LiveUpdate\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\LiveUpdate.log
c:\program files\IObit\LiveUpdate\LiveUpdate_1.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files\IObit\LiveUpdate\ProductStatistics.dll
c:\program files\IObit\LiveUpdate\ProductUpt.log
c:\program files\IObit\LiveUpdate\system.ini
c:\program files\IObit\LiveUpdate\update\timer.db
c:\program files\IObit\LiveUpdate\update\update.spt
c:\program files\IObit\Smart Defrag 2\smart-defrag-3-free.exe
c:\program files\IObit\Smart Defrag 3\LatestNews\LatestNews.ini
c:\program files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCBrowserProtection.safariextz
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome.manifest
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\icon.png
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\install.rdf
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\BrowserProtect.oex
c:\program files\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\NPASCSafariPluginProtect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0330
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0926
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_1116
c:\program files\IObit\Surfing Protection\Database\base_upt_add
c:\program files\IObit\Surfing Protection\Database\spupdate.utp
c:\program files\IObit\Surfing Protection\Extensions.plist
c:\program files\IObit\Surfing Protection\Language\Arabic.lng
c:\program files\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files\IObit\Surfing Protection\Language\Czech.lng
c:\program files\IObit\Surfing Protection\Language\Dutch.lng
c:\program files\IObit\Surfing Protection\Language\English.lng
c:\program files\IObit\Surfing Protection\Language\Finnish.lng
c:\program files\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files\IObit\Surfing Protection\Language\Japanese.lng
c:\program files\IObit\Surfing Protection\Language\Korean.lng
c:\program files\IObit\Surfing Protection\Language\Polish.lng
c:\program files\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files\IObit\Surfing Protection\Language\Romanian.lng
c:\program files\IObit\Surfing Protection\Language\Russian.lng
c:\program files\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files\IObit\Surfing Protection\Language\Spanish.lng
c:\program files\IObit\Surfing Protection\Language\Swedish.lng
c:\program files\IObit\Surfing Protection\Language\Turkish.lng
c:\program files\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files\IObit\Surfing Protection\PluginInstall.exe
c:\program files\IObit\Surfing Protection\SPUpdate.exe
c:\program files\IObit\Surfing Protection\sqlite3.dll
c:\program files\IObit\Surfing Protection\unins000.dat
c:\program files\IObit\Surfing Protection\unins000.exe
c:\program files\IObit\Surfing Protection\unins000.msg
c:\program files\IObit\Surfing Protection\Update\Update.ini
c:\windows\msmqinst.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_LIVEUPDATESVC
-------\Service_LiveUpdateSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-24 do 2014-04-24 )))))))))))))))))))))))))))))))
.
.
2014-04-23 14:53 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2014-04-21 09:59 . 2014-04-21 10:04 -------- d-----w- c:\windows\system32\MRT
2014-04-20 11:22 . 2014-02-26 23:28 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-04-20 11:22 . 2014-02-26 23:28 13312 ------w- c:\windows\system32\xp_eos.exe
2014-04-20 11:06 . 2008-04-14 08:41 24064 ----a-w- c:\windows\system32\pidgen.dll.wga
2014-04-20 11:06 . 2008-04-14 08:49 102912 ----a-w- c:\windows\system32\dpcdll.dll.wga
2014-04-19 19:36 . 2014-04-19 19:36 -------- d-----w- c:\program files\Hamachi
2014-04-17 11:55 . 2014-04-17 11:55 -------- d-----w- C:\rsit
2014-04-16 15:06 . 2014-04-16 15:06 -------- d-----w- c:\program files\AGEIA Technologies
2014-04-10 18:09 . 2014-04-24 13:58 -------- d-----w- c:\documents and settings\BoodLuke\Data aplikací\.minecraft
2014-04-04 12:36 . 2014-02-13 15:56 17344 ----a-w- c:\windows\system32\roboot.exe
2014-04-03 18:14 . 2014-04-03 18:14 -------- d-----w- c:\program files\Goat Simulator
2014-03-31 16:06 . 2008-04-14 08:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2014-03-31 16:05 . 2014-03-31 16:05 -------- d-----w- c:\program files\MyFree Codec
2014-03-31 16:04 . 2014-02-07 14:33 4659712 ----a-w- c:\windows\system32\Redemption.dll
2014-03-31 16:04 . 2014-01-23 16:31 821824 ----a-w- c:\windows\system32\dgderapi.dll
2014-03-31 16:04 . 2014-01-23 16:31 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2014-03-31 16:03 . 2014-03-31 16:03 -------- d-----w- c:\documents and settings\BoodLuke\Local Settings\Data aplikací\Downloaded Installations
2014-03-30 10:01 . 2014-03-30 10:43 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-03-30 10:01 . 2014-03-30 10:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2014-03-29 23:53 . 2014-03-29 23:53 -------- d-----w- c:\windows\system32\Adobe
2014-03-28 20:07 . 2014-03-28 20:07 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2014-03-28 20:07 . 2014-03-28 20:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2014-03-28 20:07 . 2014-03-28 20:07 55232 ----a-w- c:\windows\system32\drivers\tStLibG.sys
2014-03-28 18:35 . 2014-03-29 10:05 -------- d-----w- c:\program files\Surftastic
2014-03-28 18:35 . 2014-03-28 18:35 -------- d-----w- c:\documents and settings\BoodLuke\Data aplikací\cd957b16-9b11-4541-bfae-414fbb5b2326
2014-03-26 13:21 . 2014-03-26 13:21 -------- d-----w- c:\documents and settings\BoodLuke\Local Settings\Data aplikací\Skype
2014-03-26 13:21 . 2014-03-26 13:21 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-21 09:53 . 2013-03-09 11:04 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-21 09:53 . 2013-03-09 11:04 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-19 19:36 . 2009-03-18 15:35 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2014-03-12 11:33 . 2012-12-17 17:25 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
2014-03-12 11:33 . 2013-07-22 21:05 600680 ----a-w- c:\windows\system32\nvunrm.exe
2014-03-12 11:33 . 2014-03-12 11:33 40936 ----a-w- c:\windows\system32\drivers\point32.sys
2014-03-12 11:33 . 2014-03-12 11:33 45288 ----a-w- c:\windows\system32\drivers\dc3d.sys
2014-03-12 11:32 . 2014-03-12 11:32 21784 ----a-w- c:\windows\system32\drivers\nuidfltr.sys
2014-03-06 17:58 . 2012-12-18 14:30 920064 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 17:58 . 2012-12-18 14:30 43520 ------w- c:\windows\system32\licmgr10.dll
2014-03-06 17:58 . 2012-12-18 14:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-03-06 17:58 . 2012-12-18 14:30 18944 ----a-w- c:\windows\system32\corpol.dll
2014-03-06 00:46 . 2012-12-18 14:30 385024 ------w- c:\windows\system32\html.iec
2014-02-07 06:36 . 2012-12-18 14:30 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55 . 2012-12-18 14:30 563712 ----a-w- c:\windows\system32\qedit.dll
2014-02-03 20:08 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2014-02-03 20:08 . 2009-08-18 10:24 22240 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-01-28 19:38 . 2012-12-18 15:37 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-01-28 19:38 . 2012-12-18 16:29 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2014-01-28 19:38 . 2012-12-18 15:37 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-01-28 19:37 . 2012-12-18 15:37 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-11-15 20:46 . 2013-11-15 20:45 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-07-25 10:16 35320 --sha-w- c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2013-04-21 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\TCPIP.SYS
[-] 2013-04-21 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\TCPIP.SYS
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[7] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2509553$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-24 17:59 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2014-02-07 1564992]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-06-07 774680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XFast LAN"="c:\program files\ASRock\XFast LAN\cFosSpeed.exe" [2011-10-19 1202560]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2014-02-07 311616]
"VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736]
.
c:\documents and settings\BoodLuke\Nabídka Start\Programy\Po spuštění\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2014-4-19 625952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^BoodLuke^Nabídka Start^Programy^Po spuštění^hamachi.lnk]
path=c:\documents and settings\BoodLuke\Nabídka Start\Programy\Po spuštění\hamachi.lnk
backup=c:\windows\pss\hamachi.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^BoodLuke^Nabídka Start^Programy^Po spuštění^PSPdisp.lnk]
path=c:\documents and settings\BoodLuke\Nabídka Start\Programy\Po spuštění\PSPdisp.lnk
backup=c:\windows\pss\PSPdisp.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131121]
2013-11-25 15:32 180184 ----a-w- c:\program files\AVAST Software\Avast\Setup\emupdate\0bbbe67a-3659-4e7e-ba02-40257a75237f.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 04:09 446392 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2012-03-09 14:26 1073312 ----a-w- c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2012-11-05 14:27 89184 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosSpeed]
2011-10-19 14:19 1202560 ----a-r- c:\program files\ASRock\XFast LAN\cfosspeed.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
2008-04-14 08:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 08:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
c:\documents and settings\BoodLuke\Data aplikací\Seznam.cz\bin\wszndesktop.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
2013-10-22 19:54 3561816 ----a-w- c:\program files\Origin\Origin.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
2008-02-05 15:00 188928 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-07-23 09:55 138096 ----atw- c:\documents and settings\BoodLuke\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GB_UPDATE]
2013-06-05 14:37 2051688 ----a-w- c:\program files\Razer\Razer Game Booster\AutoUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2010-05-20 13:27 119152 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-10-01 14:51 2345296 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
2013-05-16 13:25 1062472 ----a-w- c:\program files\Seznam.cz\distribution\szninstall.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2013-09-24 09:33 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2014-04-21 23:42 1826496 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
2010-05-20 13:27 762736 ----a-w- c:\windows\vVX1000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2013-06-07 14:51 774680 ----a-w- c:\program files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TeamViewer8"=2 (0x2)
"SwitchBoard"=3 (0x3)
"SkypeUpdate"=2 (0x2)
"RalinkRegistryWriter"=2 (0x2)
"PnkBstrB"=2 (0x2)
"PnkBstrA"=3 (0x3)
"NAUpdate"=2 (0x2)
"MSCamSvc"=2 (0x2)
"MozillaMaintenance"=3 (0x3)
"iPod Service"=3 (0x3)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"Hamachi2Svc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"cFosSpeedS"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\WarThunder\\launcher.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Team Fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Serious Sam HD The First Encounter\\Bin\\SamHD.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\serious sam hd the second encounter\\Bin\\SamHD_TSE.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\serious sam hd the second encounter\\Bin\\SamHD_TSE_Unrestricted.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Left 4 Dead 2\\left4dead2.exe"=
"c:\\Documents and Settings\\BoodLuke\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Steam\\SteamApps\\common\\lost planet extreme condition\\LostPlanetDX9.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\lost planet extreme condition\\LostPlanetDX10.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2014.SP1\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2014.SP1\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Mount and Blade\\runme.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Goat Simulator\\Binaries\\Win32\\GoatGame-Win32-Shipping.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Dear Esther\\dearesther.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\GarrysMod\\hl2.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Little Racers STREET\\LittleRacersStreet.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [5.3.2013 23:34 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [5.3.2013 23:34 178304]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.12.2012 19:27 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17.12.2012 19:27 403440]
R1 tStLibG;tStLibG;c:\windows\system32\drivers\tStLibG.sys [28.3.2014 22:07 55232]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.12.2012 19:27 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [5.3.2013 23:34 70384]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [26.8.2013 17:46 375056]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [31.3.2013 20:16 19072]
R2 Update Surftastic;Update Surftastic;c:\program files\Surftastic\updateSurftastic.exe [28.3.2014 2:11 350496]
R2 Util Surftastic;Util Surftastic;c:\program files\Surftastic\bin\utilSurftastic.exe [28.3.2014 21:36 350496]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [30.5.2013 16:10 103040]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [12.3.2014 13:33 45288]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [25.11.2009 21:57 1617408]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23.10.2013 9:15 172192]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [26.6.2009 16:29 1656960]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [6.2.2013 18:34 30312]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2.10.2010 10:09 35392]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [8.1.2013 15:33 9216]
S3 pspdisp;pspdisp;c:\windows\system32\drivers\pspdisp.sys [18.1.2011 15:47 3072]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [24.8.2012 6:37 2699488]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2014.SP1\RpcAgentSrv.exe [16.3.2014 18:09 72344]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [6.2.2013 18:34 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [6.2.2013 18:34 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [6.2.2013 18:34 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [6.2.2013 18:34 114280]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\Razer\Razer Game Booster\Driver\WinRing0.sys [16.5.2013 20:31 14416]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [1.10.2013 16:51 1612112]
S4 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [13.7.2012 17:27 769432]
S4 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
S4 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [28.4.2013 13:54 3574624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 17:53 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-09 09:54]
.
2014-04-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-12-17 17:59]
.
2014-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-17 16:44]
.
2014-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-17 16:44]
.
2014-04-21 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-04-20 23:28]
.
2014-04-24 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-04-20 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 3&tsp=5187
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\documents and settings\BoodLuke\Data aplikací\Mozilla\Firefox\Profiles\8il94vqn.default\
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2014-03-28 21:36; {01531192-f7ef-415f-a549-cfdb11836731}; c:\documents and settings\BoodLuke\Data aplikací\Mozilla\Firefox\Profiles\8il94vqn.default\extensions\{01531192-f7ef-415f-a549-cfdb11836731}.xpi
FF - ExtSQL: 2014-03-31 16:26; ext@MediaWatchV1home9180.net; c:\program files\MediaWatchV1\MediaWatchV1home9180\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IObit Surfing Protection_is1 - c:\program files\IObit\Surfing Protection\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-24 20:35
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1276)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(300)
c:\windows\system32\msi.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MI1933~1\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2014-04-24 20:37:12
ComboFix-quarantined-files.txt 2014-04-24 18:37
ComboFix2.txt 2014-04-17 22:17
ComboFix3.txt 2013-12-19 20:01
ComboFix4.txt 2013-12-19 19:27
.
Před spuštěním: Volných bajtů: 252 924 456 960
Po spuštění: Volných bajtů: 252 918 812 672
.
- - End Of File - - 8B421DA54DF64E8A6D3EBED998751E71
413FC2A0C716421B3158746D63736515

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check - Slow PC

#14 Post by Roli »

Via Start >> Run, copy this into the window:

ComboFix /Uninstall

and press Enter

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Then use Mbam from my signature and post its log here; do not delete anything beforehand!
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

BloodLuke
Visitor
Posts: 75
Registered: 23 Mar 2013 16:37

Re: Please check - Slow PC

#15 Post by BloodLuke »

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.04.26.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
BoodLuke :: BLOODLUKE [administrátor]

Ochrana: Zakázána

26.4.2014 9:52:51
MBAM-log-2014-04-26 (14-28-17).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 479062
Uplynulý čas: 2 hodin, 39 minut, 56 sekund

Nalezené procesy v paměti: 3
C:\Program Files\Surftastic\updateSurftastic.exe (PUP.Optional.Surftastic.A) -> 2304 -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\utilSurftastic.exe (PUP.Optional.Surftastic.A) -> 2360 -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\Surftastic.BrowserAdapter.exe (PUP.Optional.Surftastic.A) -> 3380 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 2
C:\Program Files\Surftastic\bin\SurftasticBAApp.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\{01531192-f7ef-415f-a549-cfdb11836731}.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 23
HKLM\SYSTEM\CurrentControlSet\Services\Update Surftastic (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\Util Surftastic (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{6B529B0D-66B1-475A-A1D0-E491A5B84A43} (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7} (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surftastic (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\Surftastic (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\MediaWatchV1home9180 (PUP.Optional.MediaWatch.A) -> Nebyla provedena žádná instrukce.
HKLM\Software\Surftastic (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@MediaWatchV1home9180.net (PUP.Optional.MediaWatch.A) -> Data: C:\Program Files\MediaWatchV1\MediaWatchV1home9180\ff -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5187) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (PUP.Optional.BuenoSearch.A) -> Špatný: (http://www.buenosearch.com/?babsrc=NT_s ... 3&tsp=5187) Dobrý: (www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 6
C:\Program Files\Surftastic (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\plugins (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\TEMP (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Data aplikací\dclogs (Stolen.Data) -> Nebyla provedena žádná instrukce.
C:\Program Files\SweetPacks (PUP.Optional.Sweetpacks) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 57
C:\Program Files\Surftastic\updateSurftastic.exe (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\utilSurftastic.exe (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Data aplikací\cd957b16-9b11-4541-bfae-414fbb5b2326\cd957b16-9b11-4541-bfae-414fbb5b2326.exe (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
C:\ministub.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\All Users\Data aplikací\Microsofta\phoenix.exe (PUP.Optional.BitCoinMiner) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Data aplikací\amazon\amazon.exe (PUP.Optional.Searchprotect) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Dokumenty\Downloads\Setup-Dist.exe (PUP.Optional.Smart) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Dokumenty\Downloads\game__6124_i499253957_il5936.exe (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Dokumenty\Downloads\programy\Angry Birds 3.3.2 ENG\crack\angry.birds.all-patch.offline.v1.4.exe (PUP.Riskware.Patcher) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg\4.96.1.64962_0\plugins\4zChromePlugIn.dll (PUP.Optional.Mindspark) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg\4.96.1.64962_0\plugins\SearchControl.dll (PUP.Optional.Mindspark) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Local Settings\Data aplikací\Google\Chrome\User Data\Default\File System\005\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Plocha\Blbosti\Adobe-Photoshop-CS6\Crack\32bit\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Plocha\Blbosti\Adobe-Photoshop-CS6\Crack\64bit\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Nebyla provedena žádná instrukce.
C:\Program Files\SnadBoy's Revelation v2\Revelation.exe (HackTool.Snadboy) -> Nebyla provedena žádná instrukce.
C:\Program Files\SnadBoy's Revelation v2\RevelationHelper.dll (PUP.PWSTool.SnadBoy) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvertCrxSetup.26EBB6B6-0E43-4B80-8C00-D5A175660A35.exe (PUP.Optional.Mindspark) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvertCrxSetup.3DF4249E-6E16-49FF-8759-88F445F8D31F.exe (PUP.Optional.Mindspark) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvertCrxSetup.4D48749C-BBF9-4BE3-8FF9-95BDC31DE98F.exe (PUP.Optional.Mindspark) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvertCrxSetup.52527AAC-025D-4B21-839E-E570D7C1D19E (1).exe (PUP.Optional.Mindspark) -> Nebyla provedena žádná instrukce.
C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvertCrxSetup.B2248F4B-ADEC-4407-A71B-0D6F5CD1F701.exe (PUP.Optional.Mindspark) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\AutoKMS.exe (Riskware.Keygen) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msgeova\msgeova.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\mslqdjnv\mslqdjnv.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msnkawi\msnkawi.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\msykgnae\msykgnae.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Installer\14933a6.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Installer\17def77.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Installer\17def7e.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\Surftastic.ico (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\7za.exe (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\SurftasticUninstall.exe (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\updateSurftastic.InstallState (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\7za.exe (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\BrowserAdapter.7z (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\BrowserAdapterS.7z (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\FilterApp_C.exe (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\sqlite3.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\Surftastic.BrowserAdapter.exe (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\SurftasticBAApp.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\utilSurftastic.InstallState (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\{01531192-f7ef-415f-a549-cfdb11836731}.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\plugins\Surftastic.Bromon.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\plugins\Surftastic.BrowserAdapter.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\plugins\Surftastic.BrowserAdapterS.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\plugins\Surftastic.CompatibilityChecker.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\plugins\Surftastic.FFUpdate.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\plugins\Surftastic.IEUpdate.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Surftastic\bin\plugins\Surftastic.PurBrowseG.dll (PUP.Optional.Surftastic.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\hackhound.txt (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Data aplikací\dclogs\2013-05-01-4.dc (Stolen.Data) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Data aplikací\dclogs\2013-05-10-6.dc (Stolen.Data) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\BoodLuke\Data aplikací\winsvcns.sys (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\system32\roboot.exe (PUP.Optional.PCPerformer.A) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.

(konec)
