Zasekava sa PC

[prometeusko]

Brutalne sa zasekava pri surfovani po webe, mam pusteny youtube a pozeram fb seka to velmi. Minule som preinstaloval PC z Win 7 na Win Xp, problem zacal robit po 2 mesiacoch. Minule som prebehol pocitac combofixom a robi to stale tu je hijackthis. Zasekavanie mi neskutocne vadi, ostatne funguje dobre. Najvacsi problem robi scroolovanie mysou, vtedy CPU na facebooku stupne na 100% AVG virus nehlasi, mam AVG tuneup hlasi v dobrej kondicii PC, najhorsie je ked mam viac tabov pustenych napriklad 7 tabov v google chrome, tak pocitac je uz hotovy

Kód: Vybrat vše

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:34:06, on 4.3.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)

FIREFOX: 32.0.3 (x86 sk)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\D-Link\GO-USB-N150\ALPBCSVC.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\WGA Remover\wgaremover.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O4 - HKLM\..\Run: [WGA Remover] "C:\Program Files\WGA Remover\wgaremover.exe" -silent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe
O4 - HKLM\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKLM\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun                                                                                                                                                                                                                 
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe"  /MINIMIZED                                                                                                                                                                             
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun                                                                                                                                                                                                                 
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: D-Link GO-USB-N150_PBC_WPS Service (D-Link GO-USB-N150_PBC_WPS) - Unknown owner - C:\Program Files\D-Link\GO-USB-N150\ALPBCSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

--
End of file - 6968 bytes

Povodne som si myslel ze je to windowsom preto som presiel na XP, ale tento problem mi robi vrasky aj teraz,

[prometeusko]

Kód: Vybrat vše

# AdwCleaner v4.111 - Logfile created 04/03/2015 at 17:13:09
# Updated 18/02/2015 by Xplode
# Database : 2015-03-02.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Administrator
# Running from : D:\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\VideoConverter
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\ytd video downloader
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Free Video Converter
Folder Deleted : C:\Program Files\Free Video Converter
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Video Converter
Folder Deleted : C:\Documents and Settings\Administrator\My Documents\Video Converter
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vc35kbc2.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free Video Converter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Free Video Converter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\softwareupdate.exe

***** [ Web browsers ] *****

-\\ Internet Explorer v7.0.6000.21376


-\\ Mozilla Firefox v32.0.3 (x86 sk)


-\\ Google Chrome v40.0.2214.115


*************************

AdwCleaner[R0].txt - [3256 bytes] - [04/03/2015 17:05:34]
AdwCleaner[S0].txt - [3239 bytes] - [04/03/2015 17:13:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3298  bytes] ##########

[prometeusko]

nikto nepomoze? stale mrzne a zasekava sa

[prometeusko]

znova log z combofix


ComboFix 15-03-01.01 - Administrator 05.03.2015 11:28:42.3.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2814.300 [GMT 1:00]
Running from: D:\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\i8042prt.sys . . . is missing!!
.
.
((((((((((((((((((((((((( Files Created from 2015-02-05 to 2015-03-05 )))))))))))))))))))))))))))))))
.
.
2015-03-04 16:05 . 2015-03-04 16:13 -------- d-----w- C:\AdwCleaner
2015-03-01 12:37 . 2015-03-01 12:50 -------- d-----w- c:\documents and settings\Administrator\Application Data\Subtitle Edit
2015-03-01 12:37 . 2015-03-01 12:37 -------- d-----w- c:\program files\Subtitle Edit
2015-02-26 17:56 . 2015-02-26 17:57 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Avg_Update_0215av
2015-02-23 17:50 . 2015-02-23 17:50 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\AVG
2015-02-23 17:50 . 2015-02-23 17:50 -------- d-----w- c:\documents and settings\NetworkService\Application Data\AVG
2015-02-22 15:36 . 2015-02-12 16:39 37176 ----a-w- c:\windows\system32\TURegOpt.exe
2015-02-22 15:36 . 2015-02-22 15:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\AVG
2015-02-22 15:33 . 2015-02-22 15:33 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Avg
2015-02-22 15:33 . 2015-02-22 15:36 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AVG
2015-02-22 15:22 . 2015-02-22 15:22 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\TechGenie
2015-02-22 15:21 . 2015-02-22 15:27 -------- d-----w- c:\program files\TechGenie
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-22 15:19 . 2014-06-19 17:11 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-22 15:19 . 2014-06-19 17:11 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-15 11:56 . 2015-01-15 11:56 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2014-12-08 20:25 . 2014-07-24 13:04 192792 ----a-w- c:\windows\system32\drivers\avgidsdriverlx.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-02-13 . 7E2814A54208F306B284780A3D834BBE . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 10:02 23008 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2015-01-23 31090272]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2014-07-10 3858000]
"uTorrent"="c:\documents and settings\Administrator\Application Data\uTorrent\uTorrent.exe" [2015-01-22 1377872]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WGA Remover"="c:\program files\WGA Remover\wgaremover.exe" [2013-04-03 920576]
"RTHDCPL"="RTHDCPL.EXE" [2014-06-19 20145368]
"vilaunch"="c:\windows\system32\vilaunch.exe" [2011-03-30 184142]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2014-07-10 3858000]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2015-01-06 3674576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2015\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, msnsspc.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Documents and Settings\\Administrator\\Application Data\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\bin\\steamwebhelper.exe"=
"c:\\Program Files\\LibreOffice 4\\program\\soffice.bin"=
"c:\\Program Files\\AVG\\AVG2015\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2015\\avgemcx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [18.6.2014 21:16 154904]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [18.7.2014 15:55 230680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [18.6.2014 21:03 27416]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [18.6.2014 21:03 121624]
R1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\drivers\avgidsdriverlx.sys [24.7.2014 14:04 192792]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [18.6.2014 21:03 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [20.8.2014 21:49 192792]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2.7.2014 10:01 200984]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [1.6.2014 13:54 243128]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [15.1.2015 12:56 23840]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [10.7.2014 15:51 121440]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [13.7.2014 16:32 204064]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [13.7.2014 16:32 104736]
R2 ANPD;ANPD Service;c:\windows\system32\ANPD.SYS [25.5.2014 3:00 29411]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [6.1.2015 21:49 309232]
R2 D-Link GO-USB-N150_PBC_WPS;D-Link GO-USB-N150_PBC_WPS Service;c:\program files\D-Link\GO-USB-N150\ALPBCSVC.exe [18.10.2014 15:35 61440]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [12.2.2015 17:39 2161976]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [7.8.2003 15:42 6528]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [13.1.2015 11:16 12320]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [16.5.2014 14:24 116512]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [16.5.2014 14:24 126752]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [6.1.2015 21:58 3440080]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2.1.2015 19:45 315488]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [24.5.2014 21:08 1691480]
S4 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [16.12.2014 11:58 244448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-04 16:23 1059656 ----a-w- c:\program files\Google\Chrome\Application\41.0.2272.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-19 15:19]
.
2015-02-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2015-02-27 c:\windows\Tasks\AVG_SYS_TASK_0215av_RUN.job
- c:\documents and settings\All Users.WINDOWS\Application Data\Avg_Update_0215av\AVG-Secure-Search-Update_0215av.exe [2015-02-26 14:16]
.
2015-01-15 c:\windows\Tasks\AVG_SYS_TASK_1014av_RUN.job
- c:\documents and settings\All Users.WINDOWS\Application Data\Avg_Update_1014av\AVG-Secure-Search-Update_1014av.exe [2015-01-15 13:50]
.
2015-02-22 c:\windows\Tasks\Driver Booster Scan.job
- c:\program files\IObit\Driver Booster\Scheduler.exe [2014-06-19 15:30]
.
2015-02-22 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2014-06-19 14:00]
.
2015-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf8dfee7ca31d2.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-05-24 17:56]
.
2015-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cff0555e8b16b6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-05-24 17:56]
.
2015-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0000b35fdee7e.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-05-24 17:56]
.
2015-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d042d0a2d2b7b6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-05-24 17:56]
.
2015-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-05-24 17:56]
.
2015-01-15 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
- c:\windows\system32\xp_eos.exe [2014-05-24 01:59]
.
2015-01-15 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
- c:\windows\system32\xp_eos.exe [2014-05-24 01:59]
.
.
------- Supplementary Scan -------
.
IE: Stiahnuť s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stiahnuť s IDM všetky prepojenia - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.1.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vc35kbc2.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-03-05 11:32
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ee,a9,8b,ca,43,f6,76,dd,83,18,72,ea,ee,f6,14,37,4c,55,f8,01,c8,
ac,f2,c2,32,97,9c,54,a6,e6,27,aa,ee,0e,54,4f,a1,5f,d7,80,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9dc61f3f-61f2-4e67-9d6a-589e6893a94a}]
@Denied: (Full) (Everyone)
"Model"=dword:00000019
"Therad"=dword:00000009
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1220)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(4380)
c:\windows\system32\WININET.dll
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\program files\Internet Download Manager\IDMNetMon.DLL
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll
c:\windows\system32\WindowsPowerShell\v1.0\pwrshsip.dll
c:\program files\Microsoft Silverlight\xapauthenticodesip.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2015-03-05 11:33:10
ComboFix-quarantined-files.txt 2015-03-05 10:33
ComboFix2.txt 2015-01-15 11:46
ComboFix3.txt 2014-10-10 15:19
.
Pre-Run: 180 941 697 024 bytes free
Post-Run: 9 adresárov, 180 976 484 352 voľných bajtov
.
- - End Of File - - BA85CBB0EC3DA6A3D3C4A51960CBD754
8F558EB6672622401DA993E1E865C861

[Rudy]

Proč spouštíte ComboFix, utilitu určenou pouze odborníkům. Četl jste pravidla: http://forum.viry.cz/viewtopic.php?f=12&t=5601 (bod 3)? Dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .

[prometeusko]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrator at 2015-03-06 19:55:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 175 GB (87%) free of 200 GB
Total RAM: 2814 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:18, on 6.3.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\D-Link\GO-USB-N150\ALPBCSVC.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WGA Remover\wgaremover.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [WGA Remover] "C:\Program Files\WGA Remover\wgaremover.exe" -silent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe
O4 - HKLM\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKLM\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Viber] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Viber\Viber.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: D-Link GO-USB-N150_PBC_WPS Service (D-Link GO-USB-N150_PBC_WPS) - Unknown owner - C:\Program Files\D-Link\GO-USB-N150\ALPBCSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

--
End of file - 6739 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\AVG_SYS_TASK_0215av_RUN.job - C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg_Update_0215av\AVG-Secure-Search-Update_0215av.exe --REGISTER --CMPID=0215av --mid=71af935e92b447cd8788a91d68c771e8-9f2a0b223061bfa726b1fd72f99ff1bccfa5770f
C:\WINDOWS\tasks\AVG_SYS_TASK_1014av_RUN.job - C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg_Update_1014av\AVG-Secure-Search-Update_1014av.exe --REGISTER --CMPID=1014av --mid=71af935e92b447cd8788a91d68c771e8-9f2a0b223061bfa726b1fd72f99ff1bccfa5770f
C:\WINDOWS\tasks\Driver Booster Scan.job - C:\Program Files\IObit\Driver Booster\Scheduler.exe /scan
C:\WINDOWS\tasks\Driver Booster Update.job - C:\Program Files\IObit\Driver Booster\AutoUpdate.exe /auto
C:\WINDOWS\tasks\DriverEasy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf8dfee7ca31d2.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cff0555e8b16b6.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0000b35fdee7e.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d042d0a2d2b7b6.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vc35kbc2.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0]
"Description"=TradeManager Plug-In For Firefox and Netscape
"Path"=C:\Program Files\TradeManager\nptrademanager.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@alibaba.com/npwangwang;version=1.0]
"Description"=AliWangWang Plug-In For Firefox and Netscape
"Path"=C:\Program Files\TradeManager\npwangwang.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vc35kbc2.default\extensions\
abs@avira.com
jid1-4P0kohSJxU1qGg@jetpack

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-07-10 417816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WGA Remover"=C:\Program Files\WGA Remover\wgaremover.exe [2013-04-03 920576]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2014-06-19 20145368]
"vilaunch"=C:\WINDOWS\system32\vilaunch.exe [2011-03-30 184142]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-07-10 3858000]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2015-01-06 3674576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-01-23 31090272]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-07-10 3858000]
"uTorrent"=C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe [2015-01-22 1377872]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Viber"=C:\Documents and Settings\Administrator\Local Settings\Application Data\Viber\Viber.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2014-06-19 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-02-12 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\Program Files\LibreOffice 4\program\soffice.bin"="C:\Program Files\LibreOffice 4\program\soffice.bin:*:Enabled:LibreOffice"
"C:\Program Files\AVG\AVG2015\avgnsx.exe"="C:\Program Files\AVG\AVG2015\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2015\avgdiagex.exe"="C:\Program Files\AVG\AVG2015\avgdiagex.exe:*:Enabled:AVG Diagnostika 2015"
"C:\Program Files\AVG\AVG2015\avgmfapx.exe"="C:\Program Files\AVG\AVG2015\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Program Files\AVG\AVG2015\avgemcx.exe"="C:\Program Files\AVG\AVG2015\avgemcx.exe:*:Enabled:Všeobecná kontrola pošty"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=l3codeca.acm
"vidc.iv41"=ir41_32.ax
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mp4e"=MPEG4Evfw.dll

======List of files/folders created in the last 1 month======

2015-03-06 19:55:09 ----D---- C:\rsit
2015-03-06 16:05:23 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-06 15:37:45 ----A---- C:\WINDOWS\system32\RTNUninst32.dll
2015-03-06 15:37:45 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
2015-03-06 15:14:54 ----D---- C:\Program Files\Easeware
2015-03-06 15:03:09 ----D---- C:\Documents and Settings\Administrator\Application Data\ViberPC
2015-03-05 14:25:11 ----SHD---- C:\RECYCLER
2015-03-05 13:40:15 ----A---- C:\DelFix.txt
2015-03-05 13:36:11 ----D---- C:\Program Files\trend micro
2015-03-05 11:33:12 ----D---- C:\WINDOWS\temp
2015-03-01 13:37:07 ----D---- C:\Program Files\Subtitle Edit
2015-03-01 13:37:07 ----D---- C:\Documents and Settings\Administrator\Application Data\Subtitle Edit
2015-02-26 18:56:53 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg_Update_0215av
2015-02-22 16:36:43 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2015-02-22 16:36:19 ----D---- C:\Documents and Settings\Administrator\Application Data\AVG
2015-02-22 16:33:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2015-02-22 16:22:06 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TechGenie
2015-02-22 16:21:44 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TechGenieSD
2015-02-22 16:21:19 ----D---- C:\Program Files\TechGenie

======List of files/folders modified in the last 1 month======

2015-03-06 19:55:05 ----D---- C:\Documents and Settings\Administrator\Application Data\IDM
2015-03-06 19:54:33 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2015-03-06 19:54:29 ----D---- C:\WINDOWS\system32
2015-03-06 19:54:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-06 19:53:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
2015-03-06 19:53:11 ----D---- C:\WINDOWS\system32\CatRoot2
2015-03-06 16:07:03 ----D---- C:\Documents and Settings\Administrator\Application Data\DMCache
2015-03-06 16:05:52 ----D---- C:\WINDOWS
2015-03-06 16:04:03 ----D---- C:\WINDOWS\system32\config
2015-03-06 15:37:50 ----D---- C:\WINDOWS\system32\drivers
2015-03-06 15:37:47 ----HD---- C:\WINDOWS\inf
2015-03-06 15:37:45 ----D---- C:\Program Files\Realtek
2015-03-06 15:37:41 ----HD---- C:\Program Files\InstallShield Installation Information
2015-03-06 15:34:34 ----D---- C:\WINDOWS\system32\ReinstallBackups
2015-03-06 15:15:01 ----SD---- C:\WINDOWS\Tasks
2015-03-06 15:14:54 ----RD---- C:\Program Files
2015-03-06 15:14:47 ----D---- C:\Program Files\The KMPlayer
2015-03-06 09:30:02 ----SHD---- C:\System Volume Information
2015-03-06 09:30:02 ----D---- C:\WINDOWS\system32\Restore
2015-03-05 20:42:07 ----D---- C:\WINDOWS\Prefetch
2015-03-05 11:32:22 ----A---- C:\WINDOWS\system.ini
2015-03-05 11:30:07 ----D---- C:\WINDOWS\AppPatch
2015-03-05 11:30:04 ----D---- C:\Program Files\Common Files
2015-03-04 21:14:29 ----D---- C:\WINDOWS\system32\LogFiles
2015-03-01 13:55:19 ----D---- C:\Download
2015-03-01 13:37:53 ----RSD---- C:\WINDOWS\assembly
2015-02-24 18:27:12 ----SHD---- C:\WINDOWS\Installer
2015-02-23 21:01:44 ----D---- C:\Program Files\Steam
2015-02-23 13:37:33 ----D---- C:\WINDOWS\Microsoft.NET
2015-02-23 10:37:48 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2015-02-23 09:45:40 ----D---- C:\WINDOWS\WinSxS
2015-02-22 17:05:45 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2015-02-22 16:34:14 ----D---- C:\Program Files\AVG
2015-02-22 16:27:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2015
2015-02-22 16:24:40 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-02-22 16:21:56 ----RSD---- C:\WINDOWS\Fonts
2015-02-22 16:19:29 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-18 19:48:05 ----D---- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2015-02-18 11:29:58 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2015-02-18 11:29:56 ----RD---- C:\Program Files\Skype
2015-02-11 07:38:28 ----D---- C:\WINDOWS\Debug
2015-02-11 07:23:54 ----D---- C:\WINDOWS\system32\MRT
2015-02-11 07:18:49 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-11-18 154904]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-10-05 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61824]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-12-08 192792]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-06-01 243128]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 IDMTDI;IDMTDI; C:\WINDOWS\system32\DRIVERS\idmtdi.sys [2014-06-09 121440]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2014-05-16 204064]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2014-05-16 104736]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 ANPD;ANPD Service; \??\C:\WINDOWS\system32\ANPD.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2014-06-19 7874560]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2003-08-07 6528]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2014-06-19 5630168]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 rt2870;D-Link dnetr28u USB Extensible Wireless LAN Card Driver; C:\WINDOWS\System32\DRIVERS\Drt2870.sys [2011-11-14 1213632]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2014-06-19 4125352]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2014-12-04 441048]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 116512]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2014-05-16 126752]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2014-06-19 1691480]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2014-06-19 1395800]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2014-06-19 643072]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2015-01-06 3440080]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2015-01-06 309232]
R2 D-Link GO-USB-N150_PBC_WPS;D-Link GO-USB-N150_PBC_WPS Service; C:\Program Files\D-Link\GO-USB-N150\ALPBCSVC.exe [2010-08-16 61440]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-12 2161976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-22 267440]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-24 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-24 114288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------




info.txt logfile of random's system information tool 1.10 2015-03-06 19:56:20

======MBR======

0x33C08ED0BC007CFB5007501FFCBE1B7CBF1B065057B9E501F3A4CBBDBE07B104386E007C09751383C510E2F4CD188BF583C610497419382C74F6A0B507B4078BF0AC3C0074FCBB0700B40ECD10EBF2884E10E84600732AFE4610807E040B740B807E040C7405A0B60775D2804602068346080683560A00E821007305A0B607EBBC813EFE7D55AA740B807E100074C8A0B707EBA98BFC1E578BF5CBBF05008A5600B408CD1372238AC1243F988ADE8AFC43F7E38BD186D6B106D2EE42F7E239560A77237205394608731CB80102BB007C8B4E028B5600CD1373514F744E32E48A5600CD13EBE48A560060BBAA55B441CD13723681FB55AA7530F6C101742B61606A006A00FF760AFF76086A0068007C6A016A10B4428BF4CD136161730E4F740B32E48A5600CD13EBD661F9C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002C44639381040000008001010007FEFFFF3F00000059E569180000C1FF0FFEFFFF98E56918E827CE21000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 16 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe -maintain activex
Adobe Flash Player 16 NPAPI-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -maintain plugin
Any Video Converter 5.6.6-->"C:\Program Files\AnvSoft\Any Video Converter\unins000.exe"
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Ashampoo Burning Studio 6 FREE v.6.84-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
AVG 2015-->"C:\Program Files\AVG\AVG2015\avgmfapx.exe" /AppMode=SETUP /Uninstall /UDS=1
AVG 2015-->MsiExec.exe /I{B6FCA7E7-F332-4C5E-A6E5-5056F051352D}
AVG 2015-->MsiExec.exe /I{FA7E5FCB-CD57-4546-B6C7-3918CC9FBF3A}
AVG PC TuneUp 2015-->C:\Program Files\AVG\AVG PC TuneUp\TUInstallHelper.exe --Trigger-Uninstall
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
D-Link GO-USB-N150-->C:\Program Files\InstallShield Installation Information\{0292AEE7-0869-4A93-8AC7-E1748F00CD64}\setup.exe -runfromtemp -l0x0005 -removeonly
Driver Booster 2.1-->"C:\Program Files\IObit\Driver Booster\unins000.exe"
DriverEasy 4.9.0-->"C:\Program Files\Easeware\DriverEasy\unins000.exe"
FlashRip(Full Version)-->"C:\Program Files\FlashRip(Full Version)\unins000.exe"
FormatFactory 3.3.5.0-->C:\Program Files\FreeTime\FormatFactory\uninst.exe
Foxit Cloud-->"C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\unins000.exe"
Foxit Reader-->"C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\unins000.exe"
Free TS Converter 1.0.12-->"C:\Program Files\topsevenreviews\Free TS Converter\unins000.exe"
Free Video Joiner-->"C:\Program Files\Free Video Joiner\unins000.exe"
Freemake Video Converter verzia 4.1.4-->"C:\Program Files\Freemake\Freemake Video Converter\Uninstall\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\41.0.2272.76\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
IrfanView (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
ISO Opener-->"C:\Program Files\ISO Opener\unins000.exe"
K-Lite Mega Codec Pack 10.4.5-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Microsoft .NET Framework 1.1 Security Update (KB2833941)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2833941\M2833941Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Mozilla Firefox 32.0.3 (x86 sk)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MP4Joiner v2.1.2-->"C:\Program Files\MP4Joiner\unins000.exe"
MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only)-->C:\WINDOWS\system32\MPEG4E-uninstall.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Open Video Converter version 3.0.1-->"C:\Program Files\OpenVideoConverter\unins000.exe"
Oracle VM VirtualBox 4.3.12-->MsiExec.exe /I{D90E08B8-E7BB-4D29-8249-8670D4CC24BD}
Paint.NET v3.5.8-->MsiExec.exe /X{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}
PCHand Media Converter Free 1.3.0.1-->"C:\Program Files\PCHand\Media Converter Free\unins000.exe"
Polda 6 verze 1.0-->"D:\Polda6\unins000.exe"
Quake Live-->"C:\Program Files\Quake Live\uninstall.exe"
Quick AVI Joiner v2.0-->"C:\Program Files\Quick AVI Joiner\unins000.exe"
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
Realtek HDMI Audio Driver for ATI-->RtaUpd.exe -k -m -nrg2709
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Safari-->MsiExec.exe /I{C779648B-410E-4BBA-B75B-5815BCEFE71D}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8433C01-319F-3370-850E-87C35496299A} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {48B0C142-A0F4-3263-90E1-1984CBB8DD18} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FCBF8C05-F031-381A-8B7F-45403B55ADF5} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {1E88AFAE-CEF7-3540-8FF6-6D00877B2767} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8BA4E34D-95C5-3907-87E4-62FBB31A2190} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {21AEAFE4-6F0E-3169-A09C-9FB37C77E555} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A6DE5FA9-FB19-3045-92FD-85B22CB16EB8} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {229E3EA4-C2A3-3031-86A5-9BC8396F945B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {42A3562E-8B4E-39A4-B82D-CC12F82889E3} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {FCBF8C05-F031-381A-8B7F-45403B55ADF5} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {8BA4E34D-95C5-3907-87E4-62FBB31A2190} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {229E3EA4-C2A3-3031-86A5-9BC8396F945B} /parameterfolder Extended
Security Update for Windows Internet Explorer 7 (KB2936068)-->"C:\WINDOWS\ie7updates\KB2936068-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2964358)-->"C:\WINDOWS\ie7updates\KB2964358-IE7\spuninst\spuninst.exe"
Skype™ 7.1-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Steam-->C:\Program Files\Steam\uninstall.exe
Stronghold Crusader Extreme-->"C:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\setup.exe" -runfromtemp -l0x0009 -removeonly
Subtitle Edit 3.4.5-->"C:\Program Files\Subtitle Edit\unins000.exe"
Subtitle Workshop 2.51-->"C:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe"
Surfing Protection-->"C:\Program Files\IObit\Surfing Protection\unins000.exe"
TechGenie-->MsiExec.exe /I{7DCFCB23-671F-4267-A04F-7FA185DC4063}
TechGenie-->MsiExec.exe /I{F67D6477-7C02-4082-8FBB-78FD55095A10}
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {D5B80B17-2443-3296-A700-792FAA0748BD} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {D5B80B17-2443-3296-A700-792FAA0748BD} /parameterfolder Extended
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
VLC media player 2.1.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WGA Remover version 1.3-->"C:\Program Files\WGA Remover\unins000.exe"
Windows Management Framework Core-->"C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
Windows Rights Management Client Backwards Compatibility SP2-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Windows Rights Management Client Backwards Compatibility SP2-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Windows Rights Management Client with Service Pack 2-->MsiExec.exe /X{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}
Windows Rights Management Client with Service Pack 2-->MsiExec.exe /X{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}
WinRAR 5.10 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
WinX DVD Ripper Platinum 7.5.5-->"C:\Program Files\Digiarty\WinX_DVD_Ripper_Platinum\unins000.exe"
Xilisoft Video Joiner 2-->C:\Program Files\Xilisoft\Video Joiner 2\Uninstall.exe

======Security center information======

AV: AVG AntiVirus Free Edition 2015

======System event log======

Computer Name: DOMACNOS-SV3H6Y
Event Code: 6005
Message: Spustila sa služba Denník udalostí.

Record Number: 5
Source Name: EventLog
Time Written: 20150306160530.000000+060
Event Type: informácie
User:

Computer Name: DOMACNOS-SV3H6Y
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 4
Source Name: EventLog
Time Written: 20150306160530.000000+060
Event Type: informácie
User:

Computer Name: DOMACNOS-SV3H6Y
Event Code: 6006
Message: Zastavila sa služba Denník udalostí.

Record Number: 3
Source Name: EventLog
Time Written: 20150306160421.000000+060
Event Type: informácie
User:

Computer Name: DOMACNOS-SV3H6Y
Event Code: 7036
Message: Služba Ati HotKey Poller vstúpila do stavu Zastavené.

Record Number: 2
Source Name: Service Control Manager
Time Written: 20150306160410.000000+060
Event Type: informácie
User:

Computer Name: DOMACNOS-SV3H6Y
Event Code: 1074
Message: Proces winlogon.exe inicializoval reštartovanie DOMACNOS-SV3H6Y z nasledujúcej príčiny: Pre túto príčinu sa nepodarilo nájsť žiadny titul.

Vedľajšia príčina: 0x13

Typ vypnutia: znovu zaviesť

Komentár:

Record Number: 1
Source Name: USER32
Time Written: 20150306160409.000000+060
Event Type: informácie
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: DOMACNOS-SV3H6Y
Event Code: 1800
Message: Služba Centrum zabezpečenia systému Windows sa spustila.

Record Number: 5
Source Name: SecurityCenter
Time Written: 20150306160542.000000+060
Event Type: informácie
User:

Computer Name: DOMACNOS-SV3H6Y
Event Code: 0
Message:
Record Number: 4
Source Name: gupdate
Time Written: 20150306160539.000000+060
Event Type: informácie
User:

Computer Name: DOMACNOS-SV3H6Y
Event Code: 100
Message: Service started.

Record Number: 3
Source Name: SkypeUpdate
Time Written: 20150306160538.000000+060
Event Type: informácie
User:

Computer Name: DOMACNOS-SV3H6Y
Event Code: 0
Message:
Record Number: 2
Source Name: D-Link GO-USB-N150_PBC_WPS
Time Written: 20150306160536.000000+060
Event Type: informácie
User:

Computer Name: DOMACNOS-SV3H6Y
Event Code: 1517
Message: Systém Windows uložil databázu Registry používateľa DOMACNOS-SV3H6Y\Administrator, aj napriek tomu, že aplikácia alebo služba počas odhlásenia ešte databázu Registry používala. Pamäť používaná databázou Registry používateľa nebola uvoľnená. Databáza Registry bude odstránená, keď už nebude používaná.


Toto je často spôsobené službami spustenými ako prostredníctvom používateľského konta. Pokúste sa nakonfigurovať služby tak, aby pracovali v konte LocalService alebo NetworkService.

Record Number: 1
Source Name: Userenv
Time Written: 20150306160418.000000+060
Event Type: upozornenie
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 4 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0402
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
"VBOX_MSI_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://www.itxassociates.com/OT-Tools/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf8dfee7ca31d2.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cff0555e8b16b6.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0000b35fdee7e.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d042d0a2d2b7b6.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypnět antivir a po něm restartujte PC. Dejte nový log RSIT.

[prometeusko]

po nastartovani sa zobrazila hlaska chybova ohladom wivc.exe, v tvare not found a potom este jedna chybova hlaska, doteraz to nezobrazovalo.




All processes killed
========== FILES ==========
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf8dfee7ca31d2.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cff0555e8b16b6.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0000b35fdee7e.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d042d0a2d2b7b6.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 10341927 bytes
->Temporary Internet Files folder emptied: 2647434 bytes
->FireFox cache emptied: 4561152 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 5605376 bytes
->Flash cache emptied: 3794 bytes

User: All Users

User: All Users.WINDOWS

User: Default User

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16540 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 54632 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 22,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: Default User

User: Default User.WINDOWS

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 03062015_210938

Files moved on Reboot...

Registry entries deleted on Reboot...






Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrator at 2015-03-06 21:14:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 175 GB (87%) free of 200 GB
Total RAM: 2814 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:14:11, on 6.3.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\D-Link\GO-USB-N150\ALPBCSVC.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\WGA Remover\wgaremover.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [WGA Remover] "C:\Program Files\WGA Remover\wgaremover.exe" -silent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe
O4 - HKLM\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKLM\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Viber] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Viber\Viber.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: D-Link GO-USB-N150_PBC_WPS Service (D-Link GO-USB-N150_PBC_WPS) - Unknown owner - C:\Program Files\D-Link\GO-USB-N150\ALPBCSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

--
End of file - 6779 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\AVG_SYS_TASK_0215av_RUN.job - C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg_Update_0215av\AVG-Secure-Search-Update_0215av.exe --REGISTER --CMPID=0215av --mid=71af935e92b447cd8788a91d68c771e8-9f2a0b223061bfa726b1fd72f99ff1bccfa5770f
C:\WINDOWS\tasks\AVG_SYS_TASK_1014av_RUN.job - C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg_Update_1014av\AVG-Secure-Search-Update_1014av.exe --REGISTER --CMPID=1014av --mid=71af935e92b447cd8788a91d68c771e8-9f2a0b223061bfa726b1fd72f99ff1bccfa5770f
C:\WINDOWS\tasks\Driver Booster Scan.job - C:\Program Files\IObit\Driver Booster\Scheduler.exe /scan
C:\WINDOWS\tasks\Driver Booster Update.job - C:\Program Files\IObit\Driver Booster\AutoUpdate.exe /auto
C:\WINDOWS\tasks\DriverEasy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vc35kbc2.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0]
"Description"=TradeManager Plug-In For Firefox and Netscape
"Path"=C:\Program Files\TradeManager\nptrademanager.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@alibaba.com/npwangwang;version=1.0]
"Description"=AliWangWang Plug-In For Firefox and Netscape
"Path"=C:\Program Files\TradeManager\npwangwang.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vc35kbc2.default\extensions\
abs@avira.com
jid1-4P0kohSJxU1qGg@jetpack

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-07-10 417816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WGA Remover"=C:\Program Files\WGA Remover\wgaremover.exe [2013-04-03 920576]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2014-06-19 20145368]
"vilaunch"=C:\WINDOWS\system32\vilaunch.exe [2011-03-30 184142]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-07-10 3858000]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2015-01-06 3674576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-01-23 31090272]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-07-10 3858000]
"uTorrent"=C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe [2015-01-22 1377872]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Viber"=C:\Documents and Settings\Administrator\Local Settings\Application Data\Viber\Viber.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2014-06-19 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-02-12 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\Program Files\LibreOffice 4\program\soffice.bin"="C:\Program Files\LibreOffice 4\program\soffice.bin:*:Enabled:LibreOffice"
"C:\Program Files\AVG\AVG2015\avgnsx.exe"="C:\Program Files\AVG\AVG2015\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2015\avgdiagex.exe"="C:\Program Files\AVG\AVG2015\avgdiagex.exe:*:Enabled:AVG Diagnostika 2015"
"C:\Program Files\AVG\AVG2015\avgmfapx.exe"="C:\Program Files\AVG\AVG2015\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Program Files\AVG\AVG2015\avgemcx.exe"="C:\Program Files\AVG\AVG2015\avgemcx.exe:*:Enabled:Všeobecná kontrola pošty"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=l3codeca.acm
"vidc.iv41"=ir41_32.ax
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mp4e"=MPEG4Evfw.dll

======List of files/folders created in the last 1 month======

2015-03-06 19:55:09 ----D---- C:\rsit
2015-03-06 16:05:23 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-06 15:37:45 ----A---- C:\WINDOWS\system32\RTNUninst32.dll
2015-03-06 15:37:45 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
2015-03-06 15:14:54 ----D---- C:\Program Files\Easeware
2015-03-06 15:03:09 ----D---- C:\Documents and Settings\Administrator\Application Data\ViberPC
2015-03-05 14:25:11 ----SHD---- C:\RECYCLER
2015-03-05 13:40:15 ----A---- C:\DelFix.txt
2015-03-05 13:36:11 ----D---- C:\Program Files\trend micro
2015-03-05 11:33:12 ----D---- C:\WINDOWS\temp
2015-03-01 13:37:07 ----D---- C:\Program Files\Subtitle Edit
2015-03-01 13:37:07 ----D---- C:\Documents and Settings\Administrator\Application Data\Subtitle Edit
2015-02-26 18:56:53 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg_Update_0215av
2015-02-22 16:36:43 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2015-02-22 16:36:19 ----D---- C:\Documents and Settings\Administrator\Application Data\AVG
2015-02-22 16:33:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2015-02-22 16:22:06 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TechGenie
2015-02-22 16:21:44 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TechGenieSD
2015-02-22 16:21:19 ----D---- C:\Program Files\TechGenie

======List of files/folders modified in the last 1 month======

2015-03-06 21:11:38 ----D---- C:\WINDOWS\system32\CatRoot2
2015-03-06 21:09:47 ----D---- C:\WINDOWS\system32
2015-03-06 21:09:43 ----SD---- C:\WINDOWS\Tasks
2015-03-06 21:07:26 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2015-03-06 19:55:05 ----D---- C:\Documents and Settings\Administrator\Application Data\IDM
2015-03-06 19:54:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-06 19:53:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
2015-03-06 16:07:03 ----D---- C:\Documents and Settings\Administrator\Application Data\DMCache
2015-03-06 16:05:52 ----D---- C:\WINDOWS
2015-03-06 16:04:03 ----D---- C:\WINDOWS\system32\config
2015-03-06 15:37:50 ----D---- C:\WINDOWS\system32\drivers
2015-03-06 15:37:47 ----HD---- C:\WINDOWS\inf
2015-03-06 15:37:45 ----D---- C:\Program Files\Realtek
2015-03-06 15:37:41 ----HD---- C:\Program Files\InstallShield Installation Information
2015-03-06 15:34:34 ----D---- C:\WINDOWS\system32\ReinstallBackups
2015-03-06 15:14:54 ----RD---- C:\Program Files
2015-03-06 15:14:47 ----D---- C:\Program Files\The KMPlayer
2015-03-06 09:30:02 ----SHD---- C:\System Volume Information
2015-03-06 09:30:02 ----D---- C:\WINDOWS\system32\Restore
2015-03-05 20:42:07 ----D---- C:\WINDOWS\Prefetch
2015-03-05 11:32:22 ----A---- C:\WINDOWS\system.ini
2015-03-05 11:30:07 ----D---- C:\WINDOWS\AppPatch
2015-03-05 11:30:04 ----D---- C:\Program Files\Common Files
2015-03-04 21:14:29 ----D---- C:\WINDOWS\system32\LogFiles
2015-03-01 13:55:19 ----D---- C:\Download
2015-03-01 13:37:53 ----RSD---- C:\WINDOWS\assembly
2015-02-24 18:27:12 ----SHD---- C:\WINDOWS\Installer
2015-02-23 21:01:44 ----D---- C:\Program Files\Steam
2015-02-23 13:37:33 ----D---- C:\WINDOWS\Microsoft.NET
2015-02-23 10:37:48 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2015-02-23 09:45:40 ----D---- C:\WINDOWS\WinSxS
2015-02-22 17:05:45 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2015-02-22 16:34:14 ----D---- C:\Program Files\AVG
2015-02-22 16:27:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2015
2015-02-22 16:24:40 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-02-22 16:21:56 ----RSD---- C:\WINDOWS\Fonts
2015-02-22 16:19:29 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-18 19:48:05 ----D---- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2015-02-18 11:29:58 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2015-02-18 11:29:56 ----RD---- C:\Program Files\Skype
2015-02-11 07:38:28 ----D---- C:\WINDOWS\Debug
2015-02-11 07:23:54 ----D---- C:\WINDOWS\system32\MRT
2015-02-11 07:18:49 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-11-18 154904]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-10-05 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61824]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-12-08 192792]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-06-01 243128]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 IDMTDI;IDMTDI; C:\WINDOWS\system32\DRIVERS\idmtdi.sys [2014-06-09 121440]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2014-05-16 204064]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2014-05-16 104736]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 ANPD;ANPD Service; \??\C:\WINDOWS\system32\ANPD.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2014-06-19 7874560]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2003-08-07 6528]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2014-06-19 5630168]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 rt2870;D-Link dnetr28u USB Extensible Wireless LAN Card Driver; C:\WINDOWS\System32\DRIVERS\Drt2870.sys [2011-11-14 1213632]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2014-06-19 4125352]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2014-12-04 441048]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 116512]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2014-05-16 126752]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2014-06-19 1691480]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2014-06-19 1395800]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2014-06-19 643072]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2015-01-06 3440080]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2015-01-06 309232]
R2 D-Link GO-USB-N150_PBC_WPS;D-Link GO-USB-N150_PBC_WPS Service; C:\Program Files\D-Link\GO-USB-N150\ALPBCSVC.exe [2010-08-16 61440]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2015-02-12 2161976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-22 267440]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-24 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-24 114288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Rudy]

Podle logu OK. Zkuste jště jeden restart, jestli se to objeví znovu.

[prometeusko]

2x zrestartovane a hlaska sa zobrazuje

[Rudy]

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[prometeusko]

mbam pri threat scan nic nenasiel, komp stale mrzne, napriklad pri scanovani trhalo myskou, nedalo sa ani pisat na klavesnici, v klude vidim ze procesor je vytazeny na 50%, ked pozeram facebook jedno okno je vytazene CPU na 90%, nieco ho velmi zatazuje az neumerne a ja neviem co to moze byt, ale pri browsovani to robi velky problem

tu hlasku na wivc.exe zobrazuje stale neprestava

[Rudy]

Start>Spustit>(napsat) msconfig>OK. V záložce "Služby", nebo "Po spuštění" se koukněte a pokud tam najdete položku viwc, odstraňte u ní zatržítko. Nastavení uložte a restartujte PC.

[prometeusko]

nic take sa tam nenachadza

[Rudy]

Tak to zkusíme jinak. Start>Spustit>(napsat) regeditt>OK. Podle návodu: http://forum.viry.cz/viewtopic.php?f=46&t=2791 najděte příslušný klíč a smažte jej.