Request for a check

Locked
sysel666
Visitor
Posts: 72
Registered: 10 Jan 2012 19:53

#1 Post by sysel666 »

Hello, I would like to ask you to check my log.
Thank you :)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sysel at 2015-01-08 20:07:02
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (40%) free of 40 GB
Total RAM: 1023 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:25, on 8.1.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
D:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\USB Video Camera\Monitor.exe
D:\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\neurowise\updateneurowise.exe
C:\Program Files\neurowise\bin\utilneurowise.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\neurowise\bin\neurowise.expext.exe
C:\Documents and Settings\Sysel\Desktop\RSIT.exe
C:\Program Files\Alwil Software\Avast5\setup\instup.exe
C:\Program Files\trend micro\Sysel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: neurowise 1.0.0.6 - {d08ab008-0647-4784-8e2c-5769cd4a7c3a} - C:\Program Files\neurowise\neurowiseBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\USB Video Camera\Monitor.exe
O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Program Files\4shared Desktop\down_all.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Previesť cieľ odkazu do formátu Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Previesť do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridať cieľ odkazu do existujúceho súboru PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Pridať do existujúceho súboru PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Update neurowise - Unknown owner - C:\Program Files\neurowise\updateneurowise.exe
O23 - Service: Util neurowise - Unknown owner - C:\Program Files\neurowise\bin\utilneurowise.exe

--
End of file - 8917 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\User_Feed_Synchronization-{439C367F-4342-4FC3-B742-F0C85C5B218E}.job - C:\WINDOWS\system32\msfeedssync.exe sync

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Sysel\Application Data\Mozilla\Firefox\Profiles\v6s7sdap.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}"=C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar
"{2224E955-00E9-4613-A844-CE69FCCAAE91}"=C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF
"{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}"=C:\Program Files\Media Access Startup\1.5.0.850\FF
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX® Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040]
"Description"=6.0.12.1040
"Path"=C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{bb6d7bc8-efc2-9bb8-9979-f4c87135778d}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdivx32.dll
npdivx32.xpt
NPOFFICE.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-04-04 65952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-12-24 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}]
neurowise 1.0.0.6 - C:\Program Files\neurowise\neurowiseBHO.dll [2014-12-24 250144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-05-17 77824]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2006-01-16 1398272]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-04-03 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-05 1657376]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-06 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-06 13877248]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-12-24 5226600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=D:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [2014-12-24 6699800]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"WEBTRAN"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-11-21 5282584]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Monitor.lnk - C:\Program Files\USB Video Camera\Monitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=D:\SUPERAntiSpyware\SASSEH.DLL [2011-08-04 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\ESRI\AV_GIS30\ARCVIEW\BIN32\PORTMAP.EXE"="C:\ESRI\AV_GIS30\ARCVIEW\BIN32\PORTMAP.EXE:*:Enabled:PORTMAP"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe"="C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe:*:Enabled:WolfMP"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"msacm.iac2"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.avrn"=C:\PROGRA~1\ACEMEG~1\SystemS\AVIDAV~1.DLL
"vidc.advj"=C:\PROGRA~1\ACEMEG~1\SystemS\AVIDAV~1.DLL
"vidc.mszh"=C:\PROGRA~1\ACEMEG~1\SystemS\avimszh.dll
"vidc.zlib"=C:\PROGRA~1\ACEMEG~1\SystemS\avizlib.dll
"vidc.cscd"=C:\PROGRA~1\ACEMEG~1\SystemS\camcodec.dll
"vidc.cvid"=C:\PROGRA~1\ACEMEG~1\SystemS\iccvid.dll
"msacm.trspch"=C:\PROGRA~1\ACEMEG~1\SystemS\tssoft32.acm
"vidc.em2v"=C:\PROGRA~1\ACEMEG~1\SystemS\etxcodec.dll
"vidc.mkvc"=C:\PROGRA~1\ACEMEG~1\SystemS\kmvidc32.dll
"vidc.hfyu"=C:\PROGRA~1\ACEMEG~1\SystemS\huffyuv.dll
"msacm.lameacm"=C:\PROGRA~1\ACEMEG~1\SystemS\lameacm.acm
"msacm.lhacm"=C:\PROGRA~1\ACEMEG~1\SystemS\lhacm.acm
"msacm.l3acm"=C:\PROGRA~1\ACEMEG~1\SystemS\l3codecp.acm
"vidc.sjpg"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.dmb2"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.gepj"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.qpeg"=C:\PROGRA~1\ACEMEG~1\SystemS\Qpeg32.dll
"vidc.q1.0"=C:\PROGRA~1\ACEMEG~1\SystemS\Qpeg32.dll
"msacm.sl_anet"=sl_anet.acm
"vidc.tscc"=C:\PROGRA~1\ACEMEG~1\SystemS\tsccvid.dll
"vidc.vifp"=C:\PROGRA~1\ACEMEG~1\SystemS\vfcodec.dll
"vidc.wrpr"=C:\PROGRA~1\ACEMEG~1\SystemS\aviwrap.dll
"vidc.wnv1"=C:\PROGRA~1\ACEMEG~1\SystemS\wnvplay1.dll
"vidc.advs"=C:\PROGRA~1\ACEMEG~1\SystemS\Adaptec\Dvc.dll
"vidc.aflc"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.afli"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.aasc"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv1.dll
"vidc.asv2"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll
"vidc.asvx"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"=C:\PROGRA~1\ACEMEG~1\SystemS\ATI\ativcr1.dll
"vidc.vcr2"=C:\PROGRA~1\ACEMEG~1\SystemS\ATI\ativcr2.dll
"vidc.yv12"=DivX.dll
"vidc.mwv1"=C:\PROGRA~1\ACEMEG~1\SystemS\Aware\icmw_32.dll
"vidc.bt20"=C:\PROGRA~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv
"vidc.y41p"=C:\PROGRA~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv
"msacm.pcdv"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\pcdv.acm
"vidc.cdvc"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"=C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREPN~1.DLL
"msacm.CoreFLAC_ACM"=C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM
"vidc.davc"=C:\PROGRA~1\ACEMEG~1\SystemS\dicas\davcvfw.dll
"vidc.div3"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div5"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div4"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divx4.dll
"msacm.divxa32"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm
"vidc.frwd"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwd.dll
"vidc.frwt"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwd.dll
"vidc.frwa"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwt.dll
"vidc.frwu"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwu.dll
"vidc.glzw"=C:\PROGRA~1\ACEMEG~1\SystemS\Gabest\GLZW.dll
"vidc.gpeg"=C:\PROGRA~1\ACEMEG~1\SystemS\Gabest\GPEG.dll
"vidc.i263"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\i263_32.drv
"vidc.iv30"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv31"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv32"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv33"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv34"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv35"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv36"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv37"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv38"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv39"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv40"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv41"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv42"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv43"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv44"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv45"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv46"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv47"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv48"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv49"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv50"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir50_32.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"vidc.ir21"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL
"vidc.rt21"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL
"msacm.imc"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IMC32.ACM
"vidc.lead"=C:\PROGRA~1\ACEMEG~1\SystemS\LEAD\LCODCCMP.DLL
"vidc.dvsd"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvc"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dvcs"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL
"vidc.dcmj"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi1"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.avi2"=C:\PROGRA~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL
"vidc.dv25"=C:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.dv50"=C:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.msmc"=C:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

======List of files/folders created in the last 1 month======

2014-12-24 14:14:46 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-12-24 14:14:34 ----A---- C:\WINDOWS\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-01-08 20:07:14 ----D---- C:\Program Files\trend micro
2015-01-08 20:07:10 ----D---- C:\WINDOWS\Prefetch
2015-01-08 18:11:54 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-08 17:59:03 ----D---- C:\WINDOWS\temp
2015-01-08 17:54:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-01-08 17:54:44 ----D---- C:\WINDOWS\system32\CatRoot2
2015-01-08 17:54:30 ----D---- C:\Documents and Settings\Sysel\Application Data\Facebook
2015-01-08 16:07:27 ----D---- C:\Documents and Settings\All Users\Application Data\e5c4ef79-068a-447e-b589-daa814c96056
2015-01-08 12:37:00 ----D---- C:\WINDOWS
2015-01-08 12:35:11 ----D---- C:\WINDOWS\system32\LogFiles
2015-01-08 10:30:52 ----D---- C:\Documents and Settings\Sysel\Application Data\DAEMON Tools Lite
2015-01-08 10:05:56 ----D---- C:\WINDOWS\Debug
2015-01-06 16:27:54 ----D---- C:\WINDOWS\Microsoft.NET
2015-01-05 19:21:07 ----SHD---- C:\WINDOWS\Installer
2015-01-05 19:14:00 ----D---- C:\WINDOWS\WinSxS
2014-12-24 16:21:06 ----D---- C:\WINDOWS\system32\MpEngineStore
2014-12-24 16:16:55 ----D---- C:\WINDOWS\system32\MRT
2014-12-24 16:16:43 ----A---- C:\WINDOWS\system32\MRT.exe
2014-12-24 15:29:33 ----A---- C:\WINDOWS\NeroDigital.ini
2014-12-24 15:16:57 ----D---- C:\WINDOWS\system32
2014-12-24 14:55:58 ----D---- C:\Program Files\neurowise
2014-12-24 14:51:10 ----D---- C:\Program Files\ABBYY FineReader 9.0
2014-12-24 14:49:07 ----D---- C:\temp
2014-12-24 14:15:38 ----D---- C:\WINDOWS\system32\drivers
2014-12-24 14:15:17 ----SD---- C:\WINDOWS\Tasks
2014-12-24 14:02:58 ----D---- C:\totalcmd

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-08-23 158720]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-12-24 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-12-24 206248]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-03-14 91776]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-06-19 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-11-11 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-12-24 55240]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-12-24 787800]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-12-24 423784]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-12-24 57928]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2006-01-17 29440]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-01-17 32640]
R1 SASDIFSV;SASDIFSV; \??\D:\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-12-24 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-12-24 70384]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-13 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-13 25416]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-05-18 2319680]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-08-06 7753888]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-02-08 33408]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2009-08-11 56992]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-02-08 12928]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2006-01-17 102016]
S3 alnofyyt;alnofyyt; C:\WINDOWS\system32\drivers\alnofyyt.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 Ca2001v;CA2001 WebCam Driver; C:\WINDOWS\System32\Drivers\Ca2001v.sys [2008-02-19 2333568]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 FXDRV;FXDRV; \??\I:\Fxdrv.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-06-17 47360]
S3 SASENUM;SASENUM; \??\D:\SUPERAntiSpyware\SASENUM.SYS []
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-17 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-02-01 229888]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\SUPERAntiSpyware\SASCORE.EXE [2014-08-18 142648]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-12-24 50344]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2006-01-16 878592]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-04-04 181664]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-06 168004]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-02-08 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2012-02-08 103736]
R2 Update neurowise;Update neurowise; C:\Program Files\neurowise\updateneurowise.exe [2015-01-08 529184]
R2 Util neurowise;Util neurowise; C:\Program Files\neurowise\bin\utilneurowise.exe [2015-01-08 529184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-01-04 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-08 267440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: requesting a check

#2 Post by altrok »

Hello :bye:

:arrow: There is at least one piece of adware in there... what I'm more interested in is whether it shows up in your browsers in any way (underlined text, random pop-up windows, etc.)? :)

:arrow: As part of the cleanup, your temporary directories will be emptied (including the Recycle Bin).

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

sysel666
Visitor
Posts: 72
Registered: 10 Jan 2012 19:53

Re: requesting a check

#3 Post by sysel666 »

Yeah, at least 5 of them pop up, plus another 2 windows as soon as I click on anything in the browser.
It's terribly slow... that's what happens when you leave the PC to your mother :D

# AdwCleaner v4.107 - Report created 09/01/2015 at 10:20:29
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Sysel - SYSLOV666
# Running from : C:\Documents and Settings\Sysel\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : PanService

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\e5c4ef79-068a-447e-b589-daa814c96056
Folder Deleted : C:\Program Files\PANDORA.TV
Folder Deleted : C:\Program Files\neurowise
Folder Deleted : C:\Documents and Settings\Sysel\Local Settings\Application Data\eSupport.com
Folder Deleted : C:\Documents and Settings\Sysel\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\Sysel\My Documents\Updater
File Deleted : C:\Documents and Settings\Sysel\Application Data\Mozilla\Firefox\Profiles\v6s7sdap.default\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{2224e955-00e9-4613-a844-ce69fccaae91}]
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2BC7C562-BB9F-42B1-997D-F709F00F2127}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\Internet Saving Optimizer
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Internet Saving Optimizer
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v30.0 (sk)


*************************

AdwCleaner[R0].txt - [3165 octets] - [09/01/2015 10:14:11]
AdwCleaner[R1].txt - [3284 octets] - [09/01/2015 10:18:04]
AdwCleaner[S0].txt - [432 octets] - [09/01/2015 10:17:45]
AdwCleaner[S1].txt - [3097 octets] - [09/01/2015 10:20:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3157 octets] ##########

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: requesting a check

#4 Post by altrok »

:arrow: It looks like AdwCleaner wiped out at least part of it... so let's finish it off - no mercy! :58:

:arrow: Post a new FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

sysel666
Visitor
Posts: 72
Registered: 10 Jan 2012 19:53

Re: requesting a check

#5 Post by sysel666 »

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Sysel (administrator) on SYSLOV666 on 09-01-2015 15:24:08
Running from C:\Documents and Settings\Sysel\Desktop
Loaded Profile: Sysel (Available profiles: Sysel & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Angličtina (USA)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Nero AG) C:\Program Files\Ahead\InCD\InCDsrv.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Nero AG) C:\Program Files\Ahead\InCD\InCD.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(SUPERAntiSpyware) D:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(SUPERAntiSpyware.com) D:\SUPERAntiSpyware\SASCORE.EXE
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
() C:\Program Files\USB Video Camera\Monitor.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(forum.viry.cz) C:\Documents and Settings\Sysel\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2005-05-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [InCD] => C:\Program Files\Ahead\InCD\InCD.exe [1398272 2006-01-16] (Nero AG)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-04-03] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1657376 2009-08-05] ()
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5226600 2014-12-24] (AVAST Software)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [SUPERAntiSpyware] => D:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [6699800 2014-12-24] (SUPERAntiSpyware)
HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor.lnk
ShortcutTarget: Monitor.lnk -> C:\Program Files\USB Video Camera\Monitor.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-682003330-1580436667-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-682003330-1580436667-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-682003330-1580436667-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: neurowise 1.0.0.6 -> {d08ab008-0647-4784-8e2c-5769cd4a7c3a} -> C:\Program Files\neurowise\neurowiseBHO.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-682003330-1580436667-725345543-1003 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\SUPERAntiSpyware\SASSEH.DLL [113024 2011-08-04] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 217.119.113.244 8.8.8.8 217.119.113.245

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Sysel\Application Data\Mozilla\Firefox\Profiles\v6s7sdap.default
FF Homepage: hxxp://www.google.sk/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2027 -> C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1040 -> C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-682003330-1580436667-725345543-1003: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Sysel\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: FireFox Extension Updates - C:\Documents and Settings\Sysel\Application Data\Mozilla\Firefox\Profiles\v6s7sdap.default\Extensions\extension@firefox.com.xpi [2012-01-09]
FF Extension: Personas Plus - C:\Documents and Settings\Sysel\Application Data\Mozilla\Firefox\Profiles\v6s7sdap.default\Extensions\personas@christopher.beard.xpi [2013-03-01]
FF Extension: Click to call with Skype - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-08-18]
FF Extension: LoudMo Contextual Ad Assistant - C:\Program Files\Mozilla Firefox\extensions\{bb6d7bc8-efc2-9bb8-9979-f4c87135778d} [2014-08-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-09]
FF HKLM\...\Firefox\Extensions: [{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}] - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar
FF HKLM\...\Firefox\Extensions: [{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}] - C:\Program Files\Media Access Startup\1.5.0.850\FF
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-18]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-12-24]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; D:\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-18] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2007-01-04] (Adobe Systems) [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-12-24] (AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [97432 2007-04-13] () [File not signed]
R2 InCDsrv; C:\Program Files\Ahead\InCD\InCDsrv.exe [878592 2006-01-16] (Nero AG) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [181664 2013-04-04] (Oracle Corporation)
R2 nvsvc; C:\WINDOWS\system32\nvsvc32.exe [168004 2009-08-06] (NVIDIA Corporation) [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2012-02-08] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [103736 2012-02-08] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 a347bus; C:\WINDOWS\System32\DRIVERS\a347bus.sys [158720 2004-08-23] ( ) [File not signed]
R0 a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [5248 2004-04-30] ( ) [File not signed]
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2319680 2005-05-18] (Realtek Semiconductor Corp.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-12-24] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-12-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-12-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-12-24] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-12-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-12-24] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-12-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-12-24] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2009-04-13] ()
S3 Ca2001v; C:\WINDOWS\System32\Drivers\Ca2001v.sys [2333568 2008-02-19] (Digital Camera)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2010-04-06] (Phoenix Technologies) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [102016 2006-01-17] (Nero AG) [File not signed]
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [29440 2006-01-17] (Nero AG) [File not signed]
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [8704 2006-01-16] (Nero AG) [File not signed]
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [32640 2006-01-17] (Nero AG) [File not signed]
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2009-04-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [91776 2005-03-14] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33408 2005-02-08] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [56992 2009-08-11] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2005-02-08] (NVIDIA Corporation)
S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2009-06-17] (VSO Software) [File not signed]
R1 SASDIFSV; D:\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-08-04] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; D:\SUPERAntiSpyware\SASENUM.SYS [12872 2010-02-19] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; D:\SUPERAntiSpyware\SASKUTIL.sys [67664 2011-08-04] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfsync02; C:\WINDOWS\System32\drivers\sfsync02.sys [20544 2004-12-03] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2009-11-11] () [File not signed]
S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2009-12-16] (EnTech Taiwan) [File not signed]
S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [229888 2005-02-01] (Marvell) [File not signed]
U3 aul2vta0; C:\WINDOWS\system32\Drivers\aul2vta0.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X]
S3 FXDRV; \??\I:\Fxdrv.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 15:24 - 2015-01-09 15:24 - 00018424 _____ () C:\Documents and Settings\Sysel\Desktop\FRST.txt
2015-01-09 15:24 - 2015-01-09 15:24 - 00000000 ____D () C:\FRST
2015-01-09 15:23 - 2015-01-09 15:23 - 01115648 _____ (Farbar) C:\Documents and Settings\Sysel\Desktop\FRST.exe
2015-01-09 15:23 - 2015-01-09 15:22 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Sysel\Desktop\FRSTLauncher.exe
2015-01-09 14:49 - 2015-01-09 14:49 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\Sun
2015-01-09 10:14 - 2015-01-09 10:20 - 00000000 ____D () C:\AdwCleaner
2015-01-09 10:13 - 2015-01-09 10:13 - 02191360 _____ () C:\Documents and Settings\Sysel\Desktop\adwcleaner_4.107.exe
2015-01-08 20:06 - 2015-01-08 20:06 - 01107968 _____ () C:\Documents and Settings\Sysel\Desktop\RSIT.exe
2015-01-08 19:28 - 2015-01-08 19:59 - 00000159 _____ () C:\Documents and Settings\Sysel\Desktop\pneumatiky.txt
2014-12-24 14:15 - 2014-12-24 14:15 - 00001742 _____ () C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2014-12-24 14:14 - 2014-12-24 14:14 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-12-24 14:14 - 2014-12-24 14:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 15:24 - 2012-01-10 23:57 - 00000000 ____D () C:\Documents and Settings\Sysel\Local Settings\temp
2015-01-09 15:21 - 2009-07-09 12:17 - 00000422 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{439C367F-4342-4FC3-B742-F0C85C5B218E}.job
2015-01-09 15:16 - 2012-04-03 20:33 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-09 14:27 - 2012-07-11 13:18 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-01-09 12:28 - 2013-03-22 13:50 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-01-09 10:25 - 2006-11-02 13:48 - 01627490 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-09 10:24 - 2006-11-02 15:13 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-09 10:24 - 2006-11-02 15:13 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-01-09 10:23 - 2009-08-06 08:44 - 00247648 _____ () C:\WINDOWS\system32\NvApps.xml
2015-01-09 10:23 - 2006-11-02 13:21 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-09 09:38 - 2007-08-01 08:53 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-01-08 20:27 - 2006-11-02 13:24 - 00032488 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-08 20:12 - 2006-11-02 13:25 - 00000178 ___SH () C:\Documents and Settings\Sysel\ntuser.ini
2015-01-08 20:07 - 2012-01-10 20:09 - 00000000 ____D () C:\Program Files\trend micro
2015-01-08 18:12 - 2006-11-04 16:30 - 00000000 ____D () C:\Documents and Settings\Sysel\Local Settings\Application Data\Adobe
2015-01-08 18:11 - 2012-04-03 20:33 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-08 18:11 - 2011-05-16 10:46 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-08 17:54 - 2010-05-25 21:20 - 00000000 ____D () C:\Documents and Settings\Sysel\Application Data\Facebook
2015-01-08 17:27 - 2006-11-02 13:24 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2015-01-08 15:00 - 2014-08-18 15:50 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-01-08 12:35 - 2006-11-02 18:44 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2015-01-08 10:30 - 2009-07-02 06:40 - 00000000 ____D () C:\Documents and Settings\Sysel\Application Data\DAEMON Tools Lite
2015-01-08 10:05 - 2006-11-02 13:25 - 00000000 ____D () C:\Documents and Settings\Sysel
2015-01-08 09:45 - 2003-03-31 13:00 - 00002300 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-24 16:21 - 2013-09-03 16:47 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-24 16:21 - 2010-07-15 11:02 - 00000000 ____D () C:\WINDOWS\system32\MpEngineStore
2014-12-24 16:16 - 2009-06-04 19:54 - 109818608 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-24 15:29 - 2006-11-02 17:37 - 00000202 _____ () C:\WINDOWS\NeroDigital.ini
2014-12-24 15:29 - 2006-11-02 14:13 - 00138752 _____ () C:\Documents and Settings\Sysel\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-24 14:51 - 2010-11-20 17:37 - 00000000 ____D () C:\Program Files\ABBYY FineReader 9.0
2014-12-24 14:49 - 2009-09-15 18:35 - 00000000 ____D () C:\temp
2014-12-24 14:15 - 2011-06-18 14:54 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-12-24 14:15 - 2009-04-03 17:27 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-12-24 14:14 - 2014-10-07 07:44 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-12-24 14:14 - 2013-03-22 12:34 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-12-24 14:14 - 2013-03-22 12:34 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-12-24 14:14 - 2013-03-22 12:34 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-12-24 14:14 - 2009-04-03 17:27 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-12-24 14:14 - 2009-04-03 17:27 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-12-24 14:02 - 2007-01-04 18:05 - 00000000 ____D () C:\totalcmd
2014-12-24 13:57 - 2006-11-02 15:10 - 03553560 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Documents and Settings\Sysel\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Sysel\Local Settings\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:39.06 GB) (Free:15.34 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:109.98 GB) (Free:59.49 GB) NTFS

Available physical RAM: 548.48 MB
Total physical RAM: 1023.48 MB
Percentage of memory in use: 46%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: C089C089)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{439C367F-4342-4FC3-B742-F0C85C5B218E}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Sysel\Desktop" je 11 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\ESRI\\AV_GIS30\\ARCVIEW\\BIN32\\PORTMAP.EXE"="C:\\ESRI\\AV_GIS30\\ARCVIEW\\BIN32\\PORTMAP.EXE:*:Enabled:PORTMAP"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:Torrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Java\\jre6\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre6\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"="C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe:*:Enabled:Google Earth"
"C:\\WINDOWS\\system32\\dxdiag.exe"="C:\\WINDOWS\\system32\\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe"="C:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe:*:Enabled:WolfMP"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"="C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

sysel666
Visitor
Posts: 72
Registered: 10 Jan 2012 19:53

Re: request for a check

#6 Post by sysel666 »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015
Ran by Sysel at 2015-01-09 15:25:06
Running from C:\Documents and Settings\Sysel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29544 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\uTorrent) (Version: 1.8.2 - )
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.724.5507 - ABBYY)
ACE Mega CoDecS Pack (HKLM\...\{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1) (Version: 6.03.0911 - ACE DESIGN Software)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Bridge 1.0 (HKLM\...\{B74D4E10-6884-0000-0000-000000000103}) (Version: 001.000.004 - Adobe Systems)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 8 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A80000000000}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.7.609 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcView GIS Version 3.1 (HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\ArcView GIS Version 3.1) (Version: - )
aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
Balík Compatibility Pack pre systém Office 2007 (HKLM\...\{90120000-0020-041B-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (Version: - ) Hidden
Canon MP Navigator EX 1.0 (HKLM\...\MP Navigator EX 1.0) (Version: - )
Canon MP210 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series) (Version: - )
Canon MP210 series User Registration (HKLM\...\Canon MP210 series User Registration) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Click to Call with Skype (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8153 - Skype Technologies S.A.)
Delta Force - Black Hawk Down (HKLM\...\{8FE54D21-8254-4CCF-AEE0-066496AE43F4}) (Version: 1.00.000 - )
Delta Force Black Hawk Down Team Sabre (HKLM\...\{6164D2E7-986B-42F5-B3A6-64D5E53FB889}) (Version: 1.00.000 - )
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.7.0 - DivX, Inc.)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.3.1 - DivX,Inc.)
DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version: - )
EAX4 Unified Redist (HKLM\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Facebook Plug-In (HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Facebook Plug-In) (Version: - Facebook, Inc.)
Fallout (HKLM\...\Fallout_is1) (Version: - GOG.com)
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.1.130 - PandoraTV)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{9011041B-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 sk) (HKLM\...\Mozilla Firefox 30.0 (x86 sk)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB954459) (HKLM\...\{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}) (Version: 6.20.1099.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Need For Speed Most Wanted SK (HKLM\...\Need For Speed Most Wanted SK) (Version: - )
Need for Speed™ Most Wanted (HKLM\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version: - )
neurowise (HKLM\...\neurowise) (Version: 2014.11.17.062215 - neurowise) <==== ATTENTION!
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 125.18 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Pandora Service (HKLM\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - Pandora.TV) <==== ATTENTION
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.5 - Frank Heindörfer, Philip Chinery)
PIXMA Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.11 - Realtek Semiconductor Corp.)
ScanSoft OmniPage SE 4 (HKLM\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Skype™ 5.5 (HKLM\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.5.114 - Skype Technologies S.A.)
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.2.7 - SmartSound Software Inc) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
upnito.sk Manager 2 (HKLM\...\upnito.sk Manager_is1) (Version: - Michal Boška)
USB Video Camera (HKLM\...\InstallShield_{F11D6791-FBE8-4817-B5D4-D3191DDDCDC8}) (Version: 3.1.3.3 - SunPlus)
USB Video Camera (Version: 3.1.3.3 - SunPlus) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\WINDOWS\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\WINDOWS\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\WINDOWS\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\WINDOWS\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\WINDOWS\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\WINDOWS\system32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Documents and Settings\Sysel\Application Data\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\WINDOWS\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\WINDOWS\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\WINDOWS\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\WINDOWS\system32\msinet.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{603D182C-8E35-C523-9C5B-377C3FA57C3A}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\WINDOWS\system32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Documents and Settings\Sysel\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Program Files\DsNET Corp\aTube Catcher 2.0\MsComCtl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> No File Path

==================== Restore Points =========================

17-11-2014 11:36:14 Software Distribution Service 3.0
28-11-2014 11:33:24 Removed Google Earth.
28-11-2014 11:44:01 Removed Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak.
28-11-2014 11:54:19 Removed Adobe Photoshop CS2
24-12-2014 14:02:58 avast! antivirus system restore point
24-12-2014 16:16:06 Software Distribution Service 3.0
05-01-2015 18:23:46 Kontrolný bod systému
05-01-2015 19:05:24 Software Distribution Service 3.0
08-01-2015 13:08:40 Kontrolný bod systému
08-01-2015 20:12:34 Software Distribution Service 3.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2003-03-31 13:00 - 2012-01-10 23:51 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{439C367F-4342-4FC3-B742-F0C85C5B218E}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2015-01-09 09:34 - 2015-01-09 09:34 - 02909696 _____ () C:\Program Files\Alwil Software\Avast5\defs\15010900\algo.dll
2010-03-05 22:29 - 2009-10-09 12:46 - 00488448 _____ () C:\WINDOWS\system32\apdfprintmon.dll
2011-07-04 13:12 - 2009-08-05 22:39 - 00473632 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
2010-02-20 13:47 - 2009-12-12 15:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2010-02-20 13:47 - 2009-12-20 18:46 - 00327680 _____ () C:\Program Files\WinRAR\rarlng.dll
2014-10-07 07:44 - 2014-12-24 14:14 - 38562088 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2007-10-16 17:32 - 2007-10-16 17:32 - 00249856 _____ () C:\Program Files\USB Video Camera\Monitor.exe
2004-08-04 13:00 - 2008-04-14 01:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-04 13:00 - 2008-04-14 01:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2007-10-16 10:10 - 2007-04-13 08:20 - 00097432 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2012-02-08 13:02 - 2012-02-08 14:35 - 00066872 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2012-02-08 13:02 - 2012-02-08 14:35 - 00103736 _____ () C:\WINDOWS\system32\PnkBstrB.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR

========================= Accounts: ==========================

Administrator (S-1-5-21-682003330-1580436667-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-682003330-1580436667-725345543-1004 - Limited - Enabled)
Guest (S-1-5-21-682003330-1580436667-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-682003330-1580436667-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-682003330-1580436667-725345543-1002 - Limited - Disabled)
Sysel (S-1-5-21-682003330-1580436667-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Sysel

==================== Faulty Device Manager Devices =============

Name: Mass Storage Controller
Description: Mass Storage Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2015 03:24:16 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error: (01/09/2015 03:24:16 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error: (01/09/2015 10:20:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie , verzia 0.0.0.0, zlyhanie modulu lameacm.acm, verzia 0.0.9.0, adresa zlyhania 0x00003e3b.
Spracováva sa udalosť viažuca sa konkrétne médium pre [!ws!]

Error: (01/09/2015 10:17:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie adwcleaner_4.107.exe, verzia 4.1.0.7, zlyhanie modulu adwcleaner_4.107.exe, verzia 4.1.0.7, adresa zlyhania 0x00020ce1.
Spracováva sa udalosť viažuca sa konkrétne médium pre [adwcleaner_4.107.exe!ws!]

Error: (01/04/2015 07:27:24 PM) (Source: MsiInstaller) (EventID: 11706) (User: SYSLOV666)
Description: Produkt: Microsoft Office Professional Edition 2003 -- Chyba 1706. Inštalátor nemôže nájsť požadované súbory. Skontrolujte pripojenie na sieť alebo jednotku CD-ROM. Ďalšie možné riešenia tohto problému vyhľadajte tu: C:\Program Files\Microsoft Office\OFFICE11\1051\SETUP.CHM.

Error: (11/28/2014 11:55:47 AM) (Source: MsiInstaller) (EventID: 10005) (User: SYSLOV666)
Description: Product: Adobe Help Center 1.0 -- Internal Error 2753. ahc.exe

Error: (11/28/2014 11:03:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Zlyhanie aplikácie plugin-container.exe, verzia 30.0.0.5269, zlyhanie modulu mozalloc.dll, verzia 30.0.0.5269, adresa zlyhania 0x0000141b.
Spracováva sa udalosť viažuca sa konkrétne médium pre [plugin-container.exe!ws!]

Error: (11/28/2014 11:03:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Zablokovaná aplikácia firefox.exe, verzia 30.0.0.5269, zablokovaný modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.

Error: (08/18/2014 03:27:24 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error: (08/18/2014 03:27:24 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Zlyhala extrakcia zoznamu základných certifikátov nezávislých vydavateľov zo súboru CAB automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.


System errors:
=============
Error: (07/15/2010 08:43:15 AM) (Source: System Error) (EventID: 1003) (User: )
Description: Kód chyby 0000000a, parameter1 7fff0000, parameter2 00000002, parameter3 00000001, parameter4 8061bc2a.

Error: (07/14/2010 02:12:45 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context zlyhal C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL.
Chybové hlásenie odkazu: Operácia sa úspešne dokončila.
.

Error: (07/14/2010 02:12:45 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly zlyhal Microsoft.VC80.MFCLOC.
Chybové hlásenie odkazu: Zostava určená odkazom nie je v počítači nainštalovaná.
.

Error: (07/14/2010 02:12:45 PM) (Source: SideBySide) (EventID: 32) (User: )
Description: Závislá zostava Microsoft.VC80.MFCLOC sa nenašla a posledná chyba bola Zostava určená odkazom nie je v počítači nainštalovaná.
.

Error: (07/14/2010 02:12:45 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context zlyhal C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL.
Chybové hlásenie odkazu: Operácia sa úspešne dokončila.
.

Error: (07/14/2010 02:12:45 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly zlyhal Microsoft.VC80.MFCLOC.
Chybové hlásenie odkazu: Zostava určená odkazom nie je v počítači nainštalovaná.
.

Error: (07/14/2010 02:12:45 PM) (Source: SideBySide) (EventID: 32) (User: )
Description: Závislá zostava Microsoft.VC80.MFCLOC sa nenašla a posledná chyba bola Zostava určená odkazom nie je v počítači nainštalovaná.
.

Error: (07/14/2010 09:45:40 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context zlyhal C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL.
Chybové hlásenie odkazu: Operácia sa úspešne dokončila.
.

Error: (07/14/2010 09:45:40 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly zlyhal Microsoft.VC80.MFCLOC.
Chybové hlásenie odkazu: Zostava určená odkazom nie je v počítači nainštalovaná.
.

Error: (07/14/2010 09:45:40 AM) (Source: SideBySide) (EventID: 32) (User: )
Description: Závislá zostava Microsoft.VC80.MFCLOC sa nenašla a posledná chyba bola Zostava určená odkazom nie je v počítači nainštalovaná.
.


Microsoft Office Sessions:
=========================
Error: (01/09/2015 03:24:16 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/m ... stl.cabPri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error: (01/09/2015 03:24:16 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/m ... stl.cabPri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error: (01/09/2015 10:20:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 0.0.0.0lameacm.acm0.0.9.000003e3b

Error: (01/09/2015 10:17:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: adwcleaner_4.107.exe4.1.0.7adwcleaner_4.107.exe4.1.0.700020ce1

Error: (01/04/2015 07:27:24 PM) (Source: MsiInstaller) (EventID: 11706) (User: SYSLOV666)
Description: Produkt: Microsoft Office Professional Edition 2003 -- Chyba 1706. Inštalátor nemôže nájsť požadované súbory. Skontrolujte pripojenie na sieť alebo jednotku CD-ROM. Ďalšie možné riešenia tohto problému vyhľadajte tu: C:\Program Files\Microsoft Office\OFFICE11\1051\SETUP.CHM.(NULL)(NULL)(NULL)

Error: (11/28/2014 11:55:47 AM) (Source: MsiInstaller) (EventID: 10005) (User: SYSLOV666)
Description: Product: Adobe Help Center 1.0 -- Internal Error 2753. ahc.exe(NULL)(NULL)(NULL)

Error: (11/28/2014 11:03:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.5269mozalloc.dll30.0.0.52690000141b

Error: (11/28/2014 11:03:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe30.0.0.5269hungapp0.0.0.000000000

Error: (08/18/2014 03:27:24 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/m ... stl.cabPri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.

Error: (08/18/2014 03:27:24 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/m ... stl.cabPri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 Processor 3200+
Percentage of memory in use: 46%
Total physical RAM: 1023.48 MB
Available physical RAM: 548.48 MB
Total Pagefile: 2460.86 MB
Available Pagefile: 2090.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.06 GB) (Free:15.34 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:109.98 GB) (Free:59.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: C089C089)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110 GB) - (Type=OF Extended)

==================== End Of Log ============================

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: requesting a check

#7 Post by altrok »

Uninstall the prehistoric, hole-ridden versions of Java
  • Java 7 Update 21
  • Java(TM) 6 Update 29
  • Java(TM) 6 Update 7
If you need Java (from a security standpoint it is better not to have it), install a new version from java.com

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code: Select all

    Start
    CloseProcesses:
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
    HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
    HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [SUPERAntiSpyware] => D:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [6699800 2014-12-24] (SUPERAntiSpyware)
    HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
    HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [WEBTRAN] => [X]
    HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
    
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-682003330-1580436667-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: neurowise 1.0.0.6 -> {d08ab008-0647-4784-8e2c-5769cd4a7c3a} -> C:\Program Files\neurowise\neurowiseBHO.dll No File
    Toolbar: HKU\S-1-5-21-682003330-1580436667-725345543-1003 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    FF Extension: LoudMo Contextual Ad Assistant - C:\Program Files\Mozilla Firefox\extensions\{bb6d7bc8-efc2-9bb8-9979-f4c87135778d} [2014-08-18]
    FF HKLM\...\Firefox\Extensions: [{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}] - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar
    FF HKLM\...\Firefox\Extensions: [{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}] - C:\Program Files\Media Access Startup\1.5.0.850\FF
    
    S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
    S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X]
    S3 FXDRV; \??\I:\Fxdrv.sys [X]
    S4 IntelIde; No ImagePath
    S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
    S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
    S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
    
    2015-01-09 15:24 - 2015-01-09 15:24 - 00018424 _____ () C:\Documents and Settings\Sysel\Desktop\FRST.txt
    2015-01-09 15:23 - 2015-01-09 15:22 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Sysel\Desktop\FRSTLauncher.exe
    2015-01-09 10:14 - 2015-01-09 10:20 - 00000000 ____D () C:\AdwCleaner
    2015-01-09 10:13 - 2015-01-09 10:13 - 02191360 _____ () C:\Documents and Settings\Sysel\Desktop\adwcleaner_4.107.exe
    2015-01-08 20:06 - 2015-01-08 20:06 - 01107968 _____ () C:\Documents and Settings\Sysel\Desktop\RSIT.exe
    2015-01-08 20:07 - 2012-01-10 20:09 - 00000000 ____D () C:\Program Files\trend micro
    
    Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{439C367F-4342-4FC3-B742-F0C85C5B218E}.job => C:\WINDOWS\system32\msfeedssync.exe
    
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> No File Path
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok[at]forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

sysel666
Visitor
Posts: 72
Registered: 10 Jan 2012 19:53

Re: requesting a check

#8 Post by sysel666 »

Java uninstalled :)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-01-2015
Ran by Sysel at 2015-01-09 16:17:14 Run:1
Running from C:\Documents and Settings\Sysel\Desktop
Loaded Profile: Sysel (Available profiles: Sysel & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [SUPERAntiSpyware] => D:\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [6699800 2014-12-24] (SUPERAntiSpyware)
HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-682003330-1580436667-725345543-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-682003330-1580436667-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: neurowise 1.0.0.6 -> {d08ab008-0647-4784-8e2c-5769cd4a7c3a} -> C:\Program Files\neurowise\neurowiseBHO.dll No File
Toolbar: HKU\S-1-5-21-682003330-1580436667-725345543-1003 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF Extension: LoudMo Contextual Ad Assistant - C:\Program Files\Mozilla Firefox\extensions\{bb6d7bc8-efc2-9bb8-9979-f4c87135778d} [2014-08-18]
FF HKLM\...\Firefox\Extensions: [{872A1C39-DF0B-4c8b-AD84-12BA24A3B781}] - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.2.19770\FFToolbar
FF HKLM\...\Firefox\Extensions: [{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}] - C:\Program Files\Media Access Startup\1.5.0.850\FF

S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X]
S3 FXDRV; \??\I:\Fxdrv.sys [X]
S4 IntelIde; No ImagePath
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

2015-01-09 15:24 - 2015-01-09 15:24 - 00018424 _____ () C:\Documents and Settings\Sysel\Desktop\FRST.txt
2015-01-09 15:23 - 2015-01-09 15:22 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Sysel\Desktop\FRSTLauncher.exe
2015-01-09 10:14 - 2015-01-09 10:20 - 00000000 ____D () C:\AdwCleaner
2015-01-09 10:13 - 2015-01-09 10:13 - 02191360 _____ () C:\Documents and Settings\Sysel\Desktop\adwcleaner_4.107.exe
2015-01-08 20:06 - 2015-01-08 20:06 - 01107968 _____ () C:\Documents and Settings\Sysel\Desktop\RSIT.exe
2015-01-08 20:07 - 2012-01-10 20:09 - 00000000 ____D () C:\Program Files\trend micro

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{439C367F-4342-4FC3-B742-F0C85C5B218E}.job => C:\WINDOWS\system32\msfeedssync.exe

CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> No File Path
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck => value deleted successfully.
HKU\S-1-5-21-682003330-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value deleted successfully.
HKU\S-1-5-21-682003330-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-682003330-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN => value deleted successfully.
HKU\S-1-5-21-682003330-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk => Moved successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk => Moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}" => Key deleted successfully.
"HKCR\CLSID\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}" => Key deleted successfully.
HKU\S-1-5-21-682003330-1580436667-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
C:\Program Files\Mozilla Firefox\extensions\{bb6d7bc8-efc2-9bb8-9979-f4c87135778d} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{872A1C39-DF0B-4c8b-AD84-12BA24A3B781} => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} => value deleted successfully.
catchme => Service deleted successfully.
EverestDriver => Service deleted successfully.
FXDRV => Service deleted successfully.
IntelIde => Service deleted successfully.
usbbus => Service deleted successfully.
UsbDiag => Service deleted successfully.
USBModem => Service deleted successfully.
C:\Documents and Settings\Sysel\Desktop\FRST.txt => Moved successfully.
C:\Documents and Settings\Sysel\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Sysel\Desktop\adwcleaner_4.107.exe => Moved successfully.
C:\Documents and Settings\Sysel\Desktop\RSIT.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => Moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{439C367F-4342-4FC3-B742-F0C85C5B218E}.job => Moved successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}" => Key deleted successfully.
"HKU\S-1-5-21-682003330-1580436667-725345543-1003_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 297.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 16:17:36 ====

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#9 Post by altrok »

:arrow: Have the browser problems stopped? Can we start cleaning up? :)
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

sysel666
Visitor
Posts: 72
Joined: 10 Jan 2012 19:53

Re: Requesting a check

#10 Post by sysel666 »

No, everything is OK.. it's just that when it was supposed to restart automatically, it froze on the blue "shutting down the computer" screen.

We can start.

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#11 Post by altrok »

So let's still clean up.
And if there are no questions or other problems, that is all from me.

sysel666
Visitor
Posts: 72
Joined: 10 Jan 2012 19:53

Re: Requesting a check

#12 Post by sysel666 »

Done :)

Thanks once again :)

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Requesting a check

#13 Post by altrok »

You're welcome, glad I could help :worship:

Take care, and maybe see you again sometime :bye:

Locked