Velké využití paměti - internet

Zpráva

Jaccoob · #1 Příspěvek od **Jaccoob** » 09 pro 2015 21:52

Dobrý den... Při zapnutí internetu (prohlížeč chrome) mi vyletí pamět ram na 92% a zvedne se i dost využití CPU... Předem děkuji

Zde log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mamka at 2015-12-09 21:44:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (12%) free of 31 GB
Total RAM: 2038 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:45:03, on 9.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
c:\program files\common files\java\java update\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
c:\windows\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
c:\windows\system32\hkcmd.exe
c:\windows\system32\igfxtray.exe
c:\program files\common files\java\java update\jucheck.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mamka\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Mamka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2871135140
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A9FFB0B-885E-4E62-B5EF-DABC60307BFC}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 7645 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

#2 Příspěvek od **Rudy** » 09 pro 2015 22:27

Zdravím!
Log není kompletní.

Jaccoob · #3 Příspěvek od **Jaccoob** » 09 pro 2015 22:35

Omlouvám se.....

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mamka at 2015-12-09 21:44:43
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (12%) free of 31 GB
Total RAM: 2038 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:45:03, on 9.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
c:\program files\common files\java\java update\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
c:\windows\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
c:\windows\system32\hkcmd.exe
c:\windows\system32\igfxtray.exe
c:\program files\common files\java\java update\jucheck.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mamka\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Mamka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2871135140
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A9FFB0B-885E-4E62-B5EF-DABC60307BFC}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 7645 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX230 Series]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
c:\windows\system32\hkcmd.exe [2014-02-06 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
c:\windows\system32\hkcmd.exe [2014-02-06 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
c:\windows\system32\igfxpers.exe [2014-02-06 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
c:\windows\system32\igfxtray.exe [2014-02-06 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2015-11-12 5893920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2014-02-06 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2015-08-03 1044480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\common files\java\java update\jusched.exe [2015-04-10 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrackPointSrv]
C:\WINDOWS\system32\tp4mon.exe [2008-04-14 82944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe [2014-04-13 398760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViOrb]
C:\Program Files\extras\ViOrb\ViOrb.exe [2008-12-07 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT]
C:\Program Files\VNT\vntldr.exe [2014-10-09 196504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-03-31 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-03-31 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\38B0E9~1.141\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mamka^Nabídka Start^Programy^Po spuštění^PowerReg Scheduler.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AdvancedSystemCareService8"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-02-06 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-12-09 21:44:44 ----D---- C:\Program Files\trend micro
2015-12-09 21:44:43 ----D---- C:\rsit
2015-12-08 22:12:20 ----A---- C:\WINDOWS\system32\IObitSmartDefragExtension.dll20151209203752.dll
2015-12-07 14:34:05 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-06 22:42:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
2015-12-06 22:42:26 ----D---- C:\Program Files\Ashampoo
2015-12-06 22:34:15 ----D---- C:\Program Files\CCleaner
2015-12-05 09:44:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kerish Products
2015-11-30 20:10:45 ----D---- C:\Documents and Settings\Mamka\Data aplikací\AlawarEntertainment
2015-11-30 20:06:50 ----D---- C:\Program Files\The Treasures of Montezuma 5
2015-11-16 17:21:10 ----D---- C:\Program Files\Activision

======List of files/folders modified in the last 1 month======

2015-12-09 21:44:44 ----D---- C:\Program Files
2015-12-09 21:24:46 ----D---- C:\WINDOWS\Temp
2015-12-09 20:59:05 ----D---- C:\WINDOWS\system32\CatRoot2
2015-12-09 20:40:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2015-12-09 20:38:13 ----D---- C:\Documents and Settings\Mamka\Data aplikací\IObit
2015-12-09 20:37:59 ----D---- C:\WINDOWS\system32
2015-12-09 20:37:59 ----D---- C:\Program Files\IObit
2015-12-09 20:37:52 ----SD---- C:\WINDOWS\Tasks
2015-12-09 20:37:51 ----D---- C:\WINDOWS\system32\drivers
2015-12-09 20:03:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-12-09 20:01:51 ----D---- C:\WINDOWS\Registration
2015-12-09 20:01:29 ----D---- C:\WINDOWS
2015-12-09 19:59:57 ----D---- C:\WINDOWS\Debug
2015-12-09 18:31:22 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-09 17:35:25 ----D---- C:\WINDOWS\system32\MRT
2015-12-09 17:23:49 ----A---- C:\WINDOWS\system32\MRT.exe
2015-12-08 22:12:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2015-12-08 22:09:35 ----D---- C:\WINDOWS\system32\config
2015-12-08 22:01:15 ----SH---- C:\boot.ini
2015-12-08 22:01:15 ----A---- C:\WINDOWS\win.ini
2015-12-08 22:01:15 ----A---- C:\WINDOWS\system.ini
2015-12-08 20:50:57 ----D---- C:\Documents and Settings\Mamka\Data aplikací\uTorrent
2015-12-08 14:35:55 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-07 21:44:14 ----D---- C:\WINDOWS\Prefetch
2015-12-04 21:56:05 ----SHD---- C:\WINDOWS\Installer
2015-12-01 18:36:45 ----D---- C:\WINDOWS\Network Diagnostic
2015-11-30 15:49:47 ----D---- C:\Documents and Settings\Mamka\Data aplikací\DAEMON Tools Lite
2015-11-28 12:15:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-27 14:42:52 ----D---- C:\Documents and Settings\Mamka\Data aplikací\Skype
2015-11-17 20:17:59 ----D---- C:\Program Files\The KMPlayer
2015-11-15 17:21:37 ----D---- C:\Program Files\EA Games
2015-11-13 15:29:19 ----D---- C:\Program Files\Webteh
2015-11-13 15:28:31 ----D---- C:\Documents and Settings\Mamka\Data aplikací\BSplayer PRO
2015-11-11 17:51:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-25 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-25 208664]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2015-09-25 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-06 794952]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-06 435464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-08-31 243128]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-25 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-25 76000]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2015-08-03 334848]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2015-08-03 94976]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-26 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-26 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-26 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-26 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-26 10112]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2015-09-25 157888]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-10-22 161792]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2014-02-06 5854752]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2003-07-02 11344]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2014-02-06 6609920]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
R3 TwoTrack;IBM PS/2 TrackPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\TwoTrack.sys [2001-08-17 11520]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2015-09-25 57888]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2014-02-27 52984]
S3 EagleXNt;EagleXNt; C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 massfilter;Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys []
S3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2008-03-13 2530176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB RS-232 Emulation Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-14 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []
S4 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [2015-08-05 821024]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-09-25 146600]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2015-11-04 882464]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-11-10 2934048]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09 269504]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IBMPMSVC;IBM PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2003-07-02 57344]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2015-08-03 182696]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 HiSuiteOuc.exe;HiSuiteOuc.exe; C:\Documents and Settings\All Users\Data aplikací\HiSuiteOuc\HiSuiteOuc.exe [2014-09-05 117280]
S4 HuaweiHiSuiteService.exe;HuaweiHiSuiteService.exe; C:\Documents and Settings\All Users\Data aplikací\HandSetService\HuaweiHiSuiteService.exe [2014-09-05 180768]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 09 pro 2015 22:40

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Jaccoob · #5 Příspěvek od **Jaccoob** » 09 pro 2015 22:54

# AdwCleaner v5.024 - Logfile created 09/12/2015 at 22:48:36
# Updated 07/12/2015 by Xplode
# Database : 2015-12-07.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Mamka - S-C47CB8AD79BC4
# Running from : C:\Documents and Settings\Mamka\Plocha\adwcleaner_5.024.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikacĂ\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikacĂ\AskPartnerNetwork
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikacĂ\Babylon
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikacĂ\ICQ\ICQToolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikacĂ\Systweak
[-] Folder Deleted : C:\Documents and Settings\All Users\Data aplikacĂ\Trymedia
[-] Folder Deleted : C:\Documents and Settings\All Users\Dokumenty\ShopperPro
[-] Folder Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\PerformerSoft
[-] Folder Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\pluswinks
[-] Folder Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\ICQToolbarData
[-] Folder Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\Smartbar
[-] Folder Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\ValueApps
[-] Folder Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
[#] Folder Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\Extensions\savingsslider@mybrowserbar.com.xpi
[-] Folder Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\Amazon Browser Bar
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\apn
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\AskPartnerNetwork
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\genienext
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\iWebar
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\Mobogenie
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\NativeMessaging
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\Object Browser
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\PackageAware
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\Sense
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\VNT
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\Amigo
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\Installer\Install_15536
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\Installer\Install_29159
[-] Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikacĂ\Installer\Install_31353
[-] Folder Deleted : C:\Program Files\Amazon Browser Bar
[-] Folder Deleted : C:\Program Files\Amazon\ABB
[-] Folder Deleted : C:\Program Files\ICQ6Toolbar

***** [ Files ] *****

[-] File Deleted : C:\Documents and Settings\Mamka\daemonprocess.txt
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-1.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-10.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-11.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-12.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-13.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-14.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-15.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-16.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-17.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-18.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-19.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-2.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-20.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-21.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-22.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-23.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-24.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-25.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-26.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-27.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-28.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-29.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-3.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-30.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-31.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-32.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-4.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-5.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-6.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-7.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-8.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin-9.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin.gif
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin.src
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\icqplugin.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\Extensions\abb@amazon.com.xpi
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\Extensions\pluswinks@PlusWinks.xpi
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\bprotector_extensions.rdf
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\invalidprefs.js
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\Askcom.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\askcomsearch.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\ask-search.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\browsemngr.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\searchplugins\daemon-search.xml
[-] File Deleted : C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\user.js
[-] File Deleted : C:\WINDOWS\system32\roboot.exe
[-] File Deleted : C:\WINDOWS\system32\sasnative32.exe

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
[-] Key Deleted : HKLM\SOFTWARE\microsoft\shared tools\msconfig\startupreg\ApnTBMon
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [BackgroundHost.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD [BackgroundHost.exe]
[-] Key Deleted : HKCU\Software\5268bdde16dee49
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7A4141A0-3851-4758-AEBD-B52BCBC21BC3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0F21154-8751-468A-A40C-92E8324AB8F2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D5A3D96-8BE2-45F6-A365-D7B9FAE581EF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7828DB55-A8EE-42C0-8D72-738CA9B3E48F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{867457A9-DA67-450A-964A-EA9185A09395}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D6F486-7230-3139-1997-CB2FBCF4E080}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F443A627-5009-4323-9C1D-7FD598D0D712}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3c47ec0c-e636-4e9b-a34e-f24fcabeefd7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7bbf042a-a70b-4e5f-9f45-a96f22c40dca}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9a04d610-46ab-4c1b-be07-b962f8065880}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c33e0157-aaeb-4071-b313-2452a01fd9fa}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser [{10921475-03CE-4E04-90CE-E2E7EF20C814}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\distromatic
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\filescout
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\VNT
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\DataMngr
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\Trymedia Systems
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService
[-] Key Deleted : HKU\.DEFAULT\Software\VNT
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{502496E0-E19F-4735-A284-F50046EDB5FF}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}

***** [ Web browsers ] *****

[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.FirstTimeFF3", "true");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.RestartDialogFirstTime", "false");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.RestartDialogShouldDisplay", "false");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN16030985369298329&UM=99&q=");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.UserID", "UN16030985369298329");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.addressBarTakeOverEnabledInHidden", "true");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.appOptions", "{}");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.browser.search.defaultthis.engineName", true);
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.countryCode", "CZ");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.firstTimeDialogOpened", "true");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.fixPageNotFoundErrorByUser", "FALSE");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.fixPageNotFoundErrorInHidden", "true");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.fullUserID", "UN16030985369298329.IN.20140203155918");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.homepageuserchanged", true);
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.installType", "Unknown");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.isCheckedStartAsHidden", true);
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.isFirstTimeToolbarLoading", "false");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.keyword", true);
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.lastVersion", "10.30.1.502");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.originalHomepage", "chrome://branding/locale/browserconfig.properties");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.originalSearchAddressUrl", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.originalSearchEngine", "Yahoo!");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.originalSearchEngineName", "Yahoo!");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.performedDomainChangesMigration", "true");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.revertSettingsEnabled", "false");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.search.searchAppId", "10000002");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.search.searchCount", "1");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.searchFromAddressBarEnabledByUser", "true");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.searchInNewTabEnabledByUser", "true");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.searchInNewTabEnabledInHidden", "true");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.searchSuggestEnabledByUser", "TRUE");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.searchUserMode", 99);
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_Configuration_lastUpdate", "1400002326633");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1396520836742");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_appsMetadata_lastUpdate", "1396778172661");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1395595548529");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_login_10.23.0.822_lastUpdate", "1396520836368");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_login_10.29.0.520_lastUpdate", "1399215588381");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_login_10.30.1.502_lastUpdate", "1400067993710");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1395595548530");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_searchAPI_lastUpdate", "1400002326719");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_serviceMap_lastUpdate", "1400002326496");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_setupAPI_lastUpdate", "1395595532286");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_toolbarContextMenu_lastUpdate", "1396778172611");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_toolbarSettings_lastUpdate", "1400067994137");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.serviceLayer_services_translation_lastUpdate", "1400002326930");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.settingsINI", true);
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.showToolbarPermission", "false");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.smartbar.CTID", "CT3288691");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.smartbar.Uninstall", "0");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.smartbar.homepage", true);
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.smartbar.toolbarName", "DivX Browser Bar ");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.toolbarBornServerTime", "20-3-2014");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.toolbarCurrentServerTime", "14-5-2014");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.toolbarInstallDate", "23-03-2014 18:25:10");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3288691.toolbarLoginClientTime", "Sun Mar 23 2014 18:25:32 GMT+0100");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.UserID", "UN27732145462669921");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.dum", "2");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.fullUserID", "UN27732145462669921.IN.20140714185154");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installerVersion", "1.11.0.11");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.toolbarInstallDate", "14-07-2014 18:51:59");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.versionFromInstaller", "10.33.0.5");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.xpeMode", "1");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?UM=99&ctid=CT3288691&SearchSource=13&CUI=UN16030985369298329");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.ConduitSearchEngineList", "DivX Browser Bar Customized Web Search");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN16030985369298329&UM=99&q=");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.TBHomepagesList", "hxxp://search.conduit.com/?UM=99&ctid=CT3288691&SearchSource=13&CUI=UN16030985369298329");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.TBSearchEngineList", "DivX Browser Bar Customized Web Search");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.TBSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN16030985369298329&UM=99&q=");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3288691");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?UM=99&ctid=CT3288691&SearchSource=13&CUI=UN16030985369298329");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("extensions.crossrider.bic", "148376c8e36e4a07537a7db887632faf");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=501549&p=");
[-] [C:\Documents and Settings\Mamka\Data aplikacĂ\Mozilla\Firefox\Profiles\auxo714q.default\prefs.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [37209 bytes] ##########

Jaccoob · #6 Příspěvek od **Jaccoob** » 10 pro 2015 16:12

Dobrý den,
chci se optat jak to vypadá.... Stále mi to jede na moc velký výkon.

#7 Příspěvek od **Rudy** » 10 pro 2015 21:12

Něco to smazalo. Dejte nový log RSIT.

Jaccoob · #8 Příspěvek od **Jaccoob** » 10 pro 2015 22:10

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mamka at 2015-12-10 22:06:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (15%) free of 31 GB
Total RAM: 2038 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:47, on 10.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mamka\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Mamka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2871135140
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A9FFB0B-885E-4E62-B5EF-DABC60307BFC}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 6574 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-08-03 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-06 6133520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"uTorrent"=C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe [2014-04-13 398760]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-08-20 6490904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe [2013-03-21 472992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8]
C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
C:\WINDOWS\ARPWRMSG.EXE [2008-12-26 77312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-06 6133520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
c:\program files\ccleaner\ccleaner.exe [2015-08-20 6490904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX230 Series]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
c:\windows\system32\hkcmd.exe [2014-02-06 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
c:\windows\system32\hkcmd.exe [2014-02-06 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
c:\windows\system32\igfxpers.exe [2014-02-06 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
c:\windows\system32\igfxtray.exe [2014-02-06 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2014-02-06 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2015-08-03 1044480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\common files\java\java update\jusched.exe [2015-04-10 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrackPointSrv]
C:\WINDOWS\system32\tp4mon.exe [2008-04-14 82944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe [2014-04-13 398760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViOrb]
C:\Program Files\extras\ViOrb\ViOrb.exe [2008-12-07 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT]
C:\Program Files\VNT\vntldr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-03-31 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-03-31 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\38B0E9~1.141\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mamka^Nabídka Start^Programy^Po spuštění^PowerReg Scheduler.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AdvancedSystemCareService8"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-02-06 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-12-10 21:58:25 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 22:46:38 ----D---- C:\AdwCleaner
2015-12-09 22:04:56 ----SHD---- C:\Config.Msi
2015-12-09 21:44:44 ----D---- C:\Program Files\trend micro
2015-12-09 21:44:43 ----D---- C:\rsit
2015-12-06 22:42:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
2015-12-06 22:42:26 ----D---- C:\Program Files\Ashampoo
2015-12-06 22:34:15 ----D---- C:\Program Files\CCleaner
2015-12-05 09:44:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kerish Products
2015-11-30 20:10:45 ----D---- C:\Documents and Settings\Mamka\Data aplikací\AlawarEntertainment
2015-11-30 20:06:50 ----D---- C:\Program Files\The Treasures of Montezuma 5
2015-11-16 17:21:10 ----D---- C:\Program Files\Activision

======List of files/folders modified in the last 1 month======

2015-12-10 22:06:24 ----D---- C:\WINDOWS\Prefetch
2015-12-10 22:02:11 ----D---- C:\Documents and Settings\Mamka\Data aplikací\uTorrent
2015-12-10 22:01:59 ----SD---- C:\WINDOWS\Tasks
2015-12-10 22:01:47 ----D---- C:\WINDOWS\Temp
2015-12-10 21:59:01 ----D---- C:\WINDOWS\Registration
2015-12-10 21:58:48 ----D---- C:\WINDOWS
2015-12-10 21:58:25 ----D---- C:\WINDOWS\system32
2015-12-10 21:58:22 ----D---- C:\Program Files\IObit
2015-12-10 21:57:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-12-10 21:55:26 ----D---- C:\WINDOWS\system32\CatRoot2
2015-12-09 22:48:49 ----D---- C:\Program Files
2015-12-09 22:48:48 ----D---- C:\Program Files\Amazon
2015-12-09 22:48:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2015-12-09 22:06:46 ----D---- C:\Documents and Settings\Mamka\Data aplikací\IObit
2015-12-09 22:05:06 ----SHD---- C:\WINDOWS\Installer
2015-12-09 22:05:05 ----D---- C:\Program Files\Google
2015-12-09 20:40:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2015-12-09 20:37:51 ----D---- C:\WINDOWS\system32\drivers
2015-12-09 19:59:57 ----D---- C:\WINDOWS\Debug
2015-12-09 18:31:22 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-09 17:35:25 ----D---- C:\WINDOWS\system32\MRT
2015-12-09 17:23:49 ----A---- C:\WINDOWS\system32\MRT.exe
2015-12-08 22:12:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2015-12-08 22:09:35 ----D---- C:\WINDOWS\system32\config
2015-12-08 22:01:15 ----SH---- C:\boot.ini
2015-12-08 22:01:15 ----A---- C:\WINDOWS\win.ini
2015-12-08 22:01:15 ----A---- C:\WINDOWS\system.ini
2015-12-08 14:35:55 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-01 18:36:45 ----D---- C:\WINDOWS\Network Diagnostic
2015-11-30 15:49:47 ----D---- C:\Documents and Settings\Mamka\Data aplikací\DAEMON Tools Lite
2015-11-28 12:15:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-27 14:42:52 ----D---- C:\Documents and Settings\Mamka\Data aplikací\Skype
2015-11-17 20:17:59 ----D---- C:\Program Files\The KMPlayer
2015-11-15 17:21:37 ----D---- C:\Program Files\EA Games
2015-11-13 15:29:19 ----D---- C:\Program Files\Webteh
2015-11-13 15:28:31 ----D---- C:\Documents and Settings\Mamka\Data aplikací\BSplayer PRO
2015-11-11 17:51:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-25 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-25 208664]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2015-09-25 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-06 794952]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-06 435464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-08-31 243128]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-25 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-25 76000]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2015-08-03 334848]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2015-08-03 94976]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-26 22784]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-26 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-26 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-26 10112]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2015-09-25 157888]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-10-22 161792]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2014-02-06 5854752]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2003-07-02 11344]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2014-02-06 6609920]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 TwoTrack;IBM PS/2 TrackPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\TwoTrack.sys [2001-08-17 11520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-26 19200]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2015-09-25 57888]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2014-02-27 52984]
S3 EagleXNt;EagleXNt; C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 massfilter;Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2008-03-13 2530176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB RS-232 Emulation Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-14 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-09-25 146600]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09 269504]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IBMPMSVC;IBM PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2003-07-02 57344]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2015-08-03 182696]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S4 HiSuiteOuc.exe;HiSuiteOuc.exe; C:\Documents and Settings\All Users\Data aplikací\HiSuiteOuc\HiSuiteOuc.exe [2014-09-05 117280]
S4 HuaweiHiSuiteService.exe;HuaweiHiSuiteService.exe; C:\Documents and Settings\All Users\Data aplikací\HandSetService\HuaweiHiSuiteService.exe [2014-09-05 180768]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-11-10 2934048]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]

-----------------EOF-----------------

#9 Příspěvek od **Rudy** » 10 pro 2015 22:34

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\PROGRA~1\MCAFEE~1\38B0E9~1.141

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]

:services
Skype C2C Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. P5ed skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Jaccoob · #10 Příspěvek od **Jaccoob** » 10 pro 2015 22:46

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mamka at 2015-12-10 22:46:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (17%) free of 31 GB
Total RAM: 2038 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:39, on 10.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\Mamka\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Mamka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 2871135140
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A9FFB0B-885E-4E62-B5EF-DABC60307BFC}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 6246 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-06 6133520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"uTorrent"=C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe [2014-04-13 398760]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-08-20 6490904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe [2013-03-21 472992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8]
C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
C:\WINDOWS\ARPWRMSG.EXE [2008-12-26 77312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-06 6133520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
c:\program files\ccleaner\ccleaner.exe [2015-08-20 6490904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX230 Series]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
c:\windows\system32\hkcmd.exe [2014-02-06 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
c:\windows\system32\hkcmd.exe [2014-02-06 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
c:\windows\system32\igfxpers.exe [2014-02-06 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
c:\windows\system32\igfxtray.exe [2014-02-06 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2014-02-06 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2015-08-03 1044480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\common files\java\java update\jusched.exe [2015-04-10 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrackPointSrv]
C:\WINDOWS\system32\tp4mon.exe [2008-04-14 82944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe [2014-04-13 398760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViOrb]
C:\Program Files\extras\ViOrb\ViOrb.exe [2008-12-07 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT]
C:\Program Files\VNT\vntldr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-03-31 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-03-31 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mamka^Nabídka Start^Programy^Po spuštění^PowerReg Scheduler.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AdvancedSystemCareService8"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-02-06 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Mamka\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-12-10 22:42:59 ----D---- C:\_OTM
2015-12-10 21:58:25 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 22:46:38 ----D---- C:\AdwCleaner
2015-12-09 22:04:56 ----SHD---- C:\Config.Msi
2015-12-09 21:44:44 ----D---- C:\Program Files\trend micro
2015-12-09 21:44:43 ----D---- C:\rsit
2015-12-06 22:42:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
2015-12-06 22:42:26 ----D---- C:\Program Files\Ashampoo
2015-12-06 22:34:15 ----D---- C:\Program Files\CCleaner
2015-12-05 09:44:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kerish Products
2015-11-30 20:10:45 ----D---- C:\Documents and Settings\Mamka\Data aplikací\AlawarEntertainment
2015-11-30 20:06:50 ----D---- C:\Program Files\The Treasures of Montezuma 5
2015-11-16 17:21:10 ----D---- C:\Program Files\Activision

======List of files/folders modified in the last 1 month======

2015-12-10 22:45:57 ----D---- C:\Documents and Settings\Mamka\Data aplikací\uTorrent
2015-12-10 22:45:34 ----D---- C:\WINDOWS\Prefetch
2015-12-10 22:44:54 ----D---- C:\WINDOWS\Temp
2015-12-10 22:44:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-12-10 22:44:01 ----D---- C:\WINDOWS\Registration
2015-12-10 22:43:51 ----D---- C:\WINDOWS
2015-12-10 22:43:18 ----D---- C:\WINDOWS\system32\drivers
2015-12-10 22:01:59 ----SD---- C:\WINDOWS\Tasks
2015-12-10 21:58:25 ----D---- C:\WINDOWS\system32
2015-12-10 21:58:22 ----D---- C:\Program Files\IObit
2015-12-10 21:55:26 ----D---- C:\WINDOWS\system32\CatRoot2
2015-12-09 22:48:49 ----D---- C:\Program Files
2015-12-09 22:48:48 ----D---- C:\Program Files\Amazon
2015-12-09 22:48:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2015-12-09 22:06:46 ----D---- C:\Documents and Settings\Mamka\Data aplikací\IObit
2015-12-09 22:05:06 ----SHD---- C:\WINDOWS\Installer
2015-12-09 22:05:05 ----D---- C:\Program Files\Google
2015-12-09 20:40:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2015-12-09 19:59:57 ----D---- C:\WINDOWS\Debug
2015-12-09 18:31:22 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-09 17:35:25 ----D---- C:\WINDOWS\system32\MRT
2015-12-09 17:23:49 ----A---- C:\WINDOWS\system32\MRT.exe
2015-12-08 22:12:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2015-12-08 22:09:35 ----D---- C:\WINDOWS\system32\config
2015-12-08 22:01:15 ----SH---- C:\boot.ini
2015-12-08 22:01:15 ----A---- C:\WINDOWS\win.ini
2015-12-08 22:01:15 ----A---- C:\WINDOWS\system.ini
2015-12-08 14:35:55 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-01 18:36:45 ----D---- C:\WINDOWS\Network Diagnostic
2015-11-30 15:49:47 ----D---- C:\Documents and Settings\Mamka\Data aplikací\DAEMON Tools Lite
2015-11-28 12:15:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-27 14:42:52 ----D---- C:\Documents and Settings\Mamka\Data aplikací\Skype
2015-11-17 20:17:59 ----D---- C:\Program Files\The KMPlayer
2015-11-15 17:21:37 ----D---- C:\Program Files\EA Games
2015-11-13 15:29:19 ----D---- C:\Program Files\Webteh
2015-11-13 15:28:31 ----D---- C:\Documents and Settings\Mamka\Data aplikací\BSplayer PRO
2015-11-11 17:51:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-25 49776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-25 208664]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2015-09-25 55200]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-06 794952]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-06 435464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-08-31 243128]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-25 24016]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-25 76000]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2015-08-03 334848]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2015-08-03 94976]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-26 22784]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-26 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-26 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-26 10112]
R3 aswStmXP;Avast StreamFilter Driver; C:\WINDOWS\system32\drivers\aswStmXP.sys [2015-09-25 157888]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-10-22 161792]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2014-02-06 5854752]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2003-07-02 11344]
R3 NETwLx32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2014-02-06 6609920]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 TwoTrack;IBM PS/2 TrackPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\TwoTrack.sys [2001-08-17 11520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-26 19200]
S3 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2015-09-25 57888]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2014-02-27 52984]
S3 EagleXNt;EagleXNt; C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 massfilter;Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2008-03-13 2530176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB RS-232 Emulation Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-14 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-09-25 146600]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09 269504]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IBMPMSVC;IBM PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2003-07-02 57344]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2015-08-03 182696]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S4 HiSuiteOuc.exe;HiSuiteOuc.exe; C:\Documents and Settings\All Users\Data aplikací\HiSuiteOuc\HiSuiteOuc.exe [2014-09-05 117280]
S4 HuaweiHiSuiteService.exe;HuaweiHiSuiteService.exe; C:\Documents and Settings\All Users\Data aplikací\HandSetService\HuaweiHiSuiteService.exe [2014-09-05 180768]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-11-10 2934048]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]

-----------------EOF-----------------

#11 Příspěvek od **Rudy** » 11 pro 2015 17:19

Dvouklikem na soubor spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Jaccoob · #12 Příspěvek od **Jaccoob** » 11 pro 2015 18:09

Hotovo.

#13 Příspěvek od **Rudy** » 11 pro 2015 18:21

Nastala nějaká změna?

VIRY.CZ

Velké využití paměti - internet

Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet

Re: Velké využití paměti - internet