Pomalejší notebook

Zpráva

Jenda66 · #1 Příspěvek od **Jenda66** » 28 pro 2015 23:59

Zdravím,

poslední dobou mě trochu zlobí můj stařičký notebook. Hlavně se jedná o rychlost systému. Promazal jsem programy/věci, co již nebyly potřeba, ale moc to nepomohlo. Mám pocit, že jsem zřejmě někde chytil nějakou havěť. Zasílám log z RSIT. Předem moc děkuji!

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jenda at 2015-12-28 23:52:50
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 412 GB (87%) free of 476 GB
Total RAM: 3036 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:53:03, on 28.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
D:\Program Files\Java\jre7\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\SearchIndexer.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
D:\Program Files\AVAST Software\Avast\AvastUI.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\System32\alg.exe
D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
D:\WINDOWS\system32\wbem\unsecapp.exe
D:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
D:\Documents and Settings\Jenda\Dokumenty\Stažené soubory\RSIT.exe
D:\WINDOWS\system32\SearchProtocolHost.exe
D:\WINDOWS\system32\SearchFilterHost.exe
D:\Program Files\trend micro\Jenda.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] D:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [QlbCtrl.exe] D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - D:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6008 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - D:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe -check pepperplugin
D:\WINDOWS\tasks\Adobe Flash Player Updater.job - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
D:\WINDOWS\tasks\avast! Emergency Update.job - D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
D:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - D:\WINDOWS\system32\xp_eos.exe
D:\WINDOWS\tasks\Opera scheduled Autoupdate 1448040242.job - D:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
D:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - D:\WINDOWS\system32\xp_eos.exe -c
D:\WINDOWS\tasks\update-S-1-5-21-1417001333-2111687655-2146992267-1004.job - D:\Program Files\Skillbrains\Updater\Updater.exe -runmode=checkupdate
D:\WINDOWS\tasks\update-sys.job - D:\Program Files\Skillbrains\Updater\Updater.exe -runmode=checkupdate

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\Jenda\Data aplikací\Mozilla\Firefox\Profiles\w06w7bvk.default-1448046860640

"{20a82645-c095-46ed-80e3-08825760534b}"=d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=D:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.235 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=D:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=d:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

D:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=D:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-07-20 1044480]
"SoundMAX"=D:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-07-25 888832]
"QlbCtrl.exe"=D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
"WirelessAssistant"=D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-03-10 506936]
"AvastUI.exe"=D:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-19 4085896]
"MSConfig"=D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3200 Scan2PC]
D:\WINDOWS\Twain_32\Samsung\SCX3200\Scan2pc.exe [2010-05-18 1989120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
D:\Program Files\CCleaner\CCleaner.exe [2015-12-08 6602152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IR_SERVER]
D:\PROGRA~1\Realtek\REALTE~1\IR_SERVER.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lightshot]
D:\Program Files\Skillbrains\lightshot\Lightshot.exe [2014-10-16 226560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
D:\Program Files\Pando Networks\Media Booster\PMB.exe [2013-03-19 4270640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2010-10-28 618496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
D:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files\Steam\steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
D:\PROGRA~1\WINDOW~2\WINDOW~1.EXE [2010-06-24 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2010-06-24 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=D:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-06-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Program Files\Winamp\winamp.exe"="D:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp"
"D:\Documents and Settings\Jenda\Local Settings\Temp\Keygen.exe"="D:\Documents and Settings\Jenda\Local Settings\Temp\Keygen.exe:*:Enabled:Keygen"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\WINDOWS\twain_32\Samsung\ScanMgr.exe"="D:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger"
"D:\WINDOWS\twain_32\Samsung\SCX3200\Scan2Pc.exe"="D:\WINDOWS\twain_32\Samsung\SCX3200\Scan2Pc.exe:*:Enabled:ScanToPC"
"D:\WINDOWS\twain_32\Samsung\SCX3200\Sscan2io.exe"="D:\WINDOWS\twain_32\Samsung\SCX3200\Sscan2io.exe:*:Enabled:SScanToIO"
"D:\Program Files\Unreal\Unreal Tournament 2004\System\UT2004.exe"="D:\Program Files\Unreal\Unreal Tournament 2004\System\UT2004.exe:*:Enabled:UT2004"
"D:\WINDOWS\system32\javaw.exe"="D:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Program Files\TmNationsForever\TmForever.exe"="D:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"D:\Program Files\EA SPORTS\FIFA 07\fifa07.exe"="D:\Program Files\EA SPORTS\FIFA 07\fifa07.exe:*:Enabled:fifa07"
"D:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe"="D:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe:*:Enabled:MyPhoneExplorer"
"D:\Documents and Settings\Jenda\Plocha\Need for Speed Underground 2\speed2.exe"="D:\Documents and Settings\Jenda\Plocha\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"D:\Program Files\City Car Driving\bin\win32\starter.exe"="D:\Program Files\City Car Driving\bin\win32\starter.exe:*:Enabled:starter"
"D:\Program Files\Duel of Champions\MMDoC-PDCLive\Launcher.exe"="D:\Program Files\Duel of Champions\MMDoC-PDCLive\Launcher.exe:*:Enabled:Launcher"
"D:\Program Files\Duel of Champions\MMDoC-PDCLive\GameData\Game.exe"="D:\Program Files\Duel of Champions\MMDoC-PDCLive\GameData\Game.exe:*:Enabled:Might & Magic : Duel of Champions"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2380\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2380\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Battle.net\Battle.net.exe"="D:\Program Files\Battle.net\Battle.net.exe:*:Enabled:Battle.net"
"D:\Program Files\Hearthstone\Hearthstone.exe"="D:\Program Files\Hearthstone\Hearthstone.exe:*:Enabled:Hearthstone"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2417\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2417\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2426\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2426\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2514\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2514\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2816\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2816\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2880\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2880\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3147\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3147\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3182\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3182\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe"="D:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe:*:Enabled:Samsung Universal Print Driver 2"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3372\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3372\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Diablo III\Diablo III.exe"="D:\Program Files\Diablo III\Diablo III.exe:*:Enabled:Diablo III"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3427\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3427\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3454\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3454\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3478\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3478\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3526\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3526\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3632\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3632\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3634\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3634\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3668\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3668\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3669\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3669\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3688\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3688\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Valve\hl.exe"="D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3689\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3689\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3715\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3715\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\Program Files\iDisplay\iDisplay.exe"="D:\Program Files\iDisplay\iDisplay.exe:*:Enabled:iDisplay Server"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\bin\steamwebhelper.exe"="D:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"D:\Program Files\MyWIFIRouter\QWi-Fi.exe"="D:\Program Files\MyWIFIRouter\QWi-Fi.exe:*:Enabled:WIFI Router"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Wi-Fi\Wi-Fi.exe"="D:\Program Files\Wi-Fi\Wi-Fi.exe:*:Enabled:Wi-Fi.exe"
"D:\Program Files\Mount&Blade Warband\mb_warband.exe"="D:\Program Files\Mount&Blade Warband\mb_warband.exe:*:Enabled:Mount&Blade: Warband"
"D:\Program Files\Mozilla Firefox\firefox.exe"="D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (D:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe"="D:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe:*:Enabled:Samsung Universal Print Driver 2"
"D:\Program Files\MyWIFIRouter\QWi-Fi.exe"="D:\Program Files\MyWIFIRouter\QWi-Fi.exe:*:Enabled:WIFI Router"
"D:\Program Files\Wi-Fi\Wi-Fi.exe"="D:\Program Files\Wi-Fi\Wi-Fi.exe:*:Enabled:Wi-Fi.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2015-12-26 15:44:28 ----D---- D:\WINDOWS\system32\HtmlData
2015-12-26 00:18:05 ----D---- D:\Program Files\CDisplay
2015-12-25 13:10:10 ----D---- D:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-12-28 23:53:02 ----A---- D:\Documents and Settings\All Users\Data aplikací\HPWALog.txt
2015-12-28 23:52:56 ----D---- D:\Program Files\trend micro
2015-12-28 23:44:33 ----D---- D:\WINDOWS\Temp
2015-12-28 23:43:45 ----A---- D:\WINDOWS\win.ini
2015-12-28 23:43:45 ----A---- D:\WINDOWS\system.ini
2015-12-28 23:42:47 ----D---- D:\WINDOWS
2015-12-28 23:42:05 ----SHD---- D:\Config.Msi
2015-12-28 23:41:20 ----A---- D:\WINDOWS\SchedLgU.Txt
2015-12-28 23:41:18 ----D---- D:\WINDOWS\system32\CatRoot2
2015-12-28 23:40:30 ----SHD---- D:\WINDOWS\Installer
2015-12-28 23:40:29 ----D---- D:\WINDOWS\WinSxS
2015-12-28 23:37:17 ----D---- D:\WINDOWS\Microsoft.NET
2015-12-28 23:37:11 ----D---- D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-28 23:37:10 ----RSD---- D:\WINDOWS\assembly
2015-12-28 23:35:51 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2015-12-28 23:35:51 ----D---- D:\Program Files\Common Files\Microsoft Shared
2015-12-28 23:35:51 ----D---- D:\Program Files
2015-12-28 23:34:42 ----RSD---- D:\WINDOWS\Fonts
2015-12-28 23:34:16 ----D---- D:\Program Files\MSBuild
2015-12-28 23:34:09 ----AD---- D:\WINDOWS\system32
2015-12-28 23:34:08 ----D---- D:\Program Files\Common Files
2015-12-28 23:33:40 ----D---- D:\WINDOWS\Prefetch
2015-12-28 23:30:08 ----D---- D:\Program Files\Common Files\System
2015-12-28 23:28:25 ----HD---- D:\WINDOWS\inf
2015-12-28 23:24:15 ----D---- D:\WINDOWS\Debug
2015-12-28 23:11:04 ----D---- D:\Program Files\SystemRequirementsLab
2015-12-28 23:06:28 ----A---- D:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-28 23:04:38 ----D---- D:\Documents and Settings\Jenda\Data aplikací\SHAPE
2015-12-28 22:05:27 ----D---- D:\Program Files\Battle.net
2015-12-26 13:16:07 ----D---- D:\Program Files\Mozilla Maintenance Service
2015-12-25 13:47:26 ----D---- D:\Documents and Settings\Jenda\Data aplikací\.minecraft
2015-12-23 20:30:53 ----D---- D:\Program Files\Mount&Blade Warband
2015-12-17 22:23:03 ----D---- D:\Program Files\Hearthstone
2015-12-11 18:58:21 ----D---- D:\Documents and Settings\All Users\Data aplikací\Battle.net
2015-12-11 18:58:20 ----D---- D:\Documents and Settings\Jenda\Data aplikací\Battle.net
2015-12-10 18:22:00 ----D---- D:\Program Files\Opera
2015-12-10 18:21:56 ----SD---- D:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; D:\WINDOWS\system32\drivers\aswRvrt.sys [2014-09-19 49944]
R0 aswVmm;avast! VM Monitor; D:\WINDOWS\system32\drivers\aswVmm.sys [2014-09-19 192352]
R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 SFAUDIO;Sonic Focus DSP Driver; D:\WINDOWS\system32\drivers\sfaudio.sys [2008-03-28 24064]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-06-24 77568]
R1 AswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2014-09-19 55112]
R1 aswSnx;aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-21 779536]
R1 aswSP;aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [2014-09-19 414520]
R1 aswTdi;aswTdi; D:\WINDOWS\system32\drivers\aswTdi.sys [2014-09-19 57800]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; D:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswHwid;avast! HardwareID; D:\WINDOWS\system32\drivers\aswHwid.sys [2014-09-19 24184]
R2 aswMonFlt;aswMonFlt; D:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-09-19 67824]
R2 npf;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; D:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-06-24 62848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; D:\WINDOWS\system32\drivers\ADIHdAud.sys [2009-07-20 339456]
R3 AEAudio;AE Audio Service; D:\WINDOWS\system32\drivers\AEAudio.sys [2009-03-12 112896]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; D:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; D:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2013-03-16 2697600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; D:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 16768]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; D:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; D:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S1 DumpDrv;Crash Dump Driver; D:\WINDOWS\system32\drivers\DumpDrv.sys [2010-06-24 9472]
S1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;DgiVecp; \??\D:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\D:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 AR9271;Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athuw.sys [2013-06-28 1763584]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 esgiguard;esgiguard; \??\D:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 iDispService;iDispService; D:\WINDOWS\system32\DRIVERS\idisplayminiport.sys [2012-08-31 14248]
S3 MPE;BDA MPE Filter; D:\WINDOWS\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver; D:\WINDOWS\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 31872]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; D:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2010-01-22 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; D:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2010-01-22 32800]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WinUSB;Sony sa0102 ADB Interface; D:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WmFilter;Logitech Gaming HID Filter Driver; D:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmHidLo;Logitech Gaming USB Filter Driver; D:\WINDOWS\system32\drivers\WmHidLo.sys [2010-04-27 31816]
S3 WmVirHid;Logitech Virtual Hid Device Driver; D:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; D:\WINDOWS\system32\DRIVERS\wpdusb.sys [2010-06-24 38528]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-06-24 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; D:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-07-17 297728]
S4 exFat;exFat; D:\WINDOWS\system32\drivers\exFat.sys [2010-06-24 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-19 50344]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre7\bin\jqs.exe [2014-07-25 182696]
R2 WSearch;Windows Search; D:\WINDOWS\system32\SearchIndexer.exe [2010-06-24 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2010-06-24 14848]
R2 yksvc;Marvell Yukon Service; D:\WINDOWS\System32\svchost.exe [2010-06-24 14848]
R3 Com4QLBEx;Com4QLBEx; D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; D:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28 269504]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-25 146888]
S3 WinRM;Windows Remote Management (WS-Management); D:\WINDOWS\system32\svchost.exe [2010-06-24 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2010-06-24 913920]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 29 pro 2015 10:24

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade na novejsi verzi a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

Jenda66 · #3 Příspěvek od **Jenda66** » 29 pro 2015 12:58

Děkuji. Přikládám log z AdwCleaner. MBAM jdu spustit teď, log pak dodám.

# AdwCleaner v5.026 - Logfile created 29/12/2015 at 12:52:50
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Jenda - NOTEBOOK
# Running from : D:\Documents and Settings\Jenda\Plocha\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : D:\Documents and Settings\All Users\Data aplikací\Tbccint
[!] Folder Not Deleted : D:\Documents and Settings\All Users\Data aplikací\Tbccint
[-] Folder Deleted : D:\Documents and Settings\Jenda\Local Settings\Data aplikací\Tbccint
[-] Folder Deleted : D:\Documents and Settings\Jenda\Local Settings\Data aplikací\MalwareProtectionLive
[!] Folder Not Deleted : D:\Documents and Settings\Jenda\Local Settings\Data aplikací\Tbccint

***** [ Files ] *****

[-] File Deleted : D:\END

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : update-sys
[-] Task Deleted : update-S-1-5-21-1417001333-2111687655-2146992267-1004
[-] Task Deleted : update-sys

***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
[-] Key Deleted : HKCU\Software\Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Tbccint
[-] Key Deleted : HKCU\Software\Tbccint_HKLM
[-] Key Deleted : HKCU\Software\TbccintSearchScopes
[!] Key Not Deleted : HKCU\Software\Tbccint
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AACA122C-DFA9-43E6-9634-CBE70CFA0833}

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - D:\AdwCleaner\AdwCleaner[C2].txt - [1930 bytes] ##########

Jenda66 · #4 Příspěvek od **Jenda66** » 29 pro 2015 14:31

A ještě MBAM. Chvilku to trvalo.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2015.12.29.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jenda :: NOTEBOOK [administrátor]

Ochrana: Zakázána

29.12.2015 13:02:05
MBAM-log-2015-12-29 (14-30-25).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 353839
Uplynulý čas: 1 hodin, 10 minut, 9 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKCU\Software\SmartBar\UninstallerData (PUP.Optional.ConduitTB.Gen) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\SMARTBAR (PUP.Optional.SmartBar) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKCU\Software\Smartbar|GlobalUserId (PUP.Optional.SmartBar) -> Data: CC78F2C6-6EE7-40E5-9C6D-41B5AFC23EDC -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 8
C:\Temp\DVUXW.CFG (Trojan.BitCoinMiner) -> Nebyla provedena žádná instrukce.
D:\AdwCleaner\Quarantine\D\Documents and Settings\All Users\Data aplikací\Tbccint\IE\CT3329621\UninstallerUI.exe.vir (PUP.Optional.ClientConnect) -> Nebyla provedena žádná instrukce.
D:\AdwCleaner\Quarantine\D\Documents and Settings\All Users\Data aplikací\Tbccint\Multi\CT3329621\UninstallerUI.exe.vir (PUP.Optional.ClientConnect) -> Nebyla provedena žádná instrukce.
D:\AdwCleaner\Quarantine\D\Documents and Settings\Jenda\Local Settings\Data aplikací\Tbccint\Community Alerts\Alert.dll.vir (PUP.Optional.ClientConnect) -> Nebyla provedena žádná instrukce.
D:\Documents and Settings\Jenda\Dokumenty\Stažené soubory\WiFiHotSpotCreatorSetup.exe (PUP.Optional.InstallIQ) -> Nebyla provedena žádná instrukce.
D:\System Volume Information\_restore{F5F0CD00-5B6C-489C-9E68-06C7FF70F552}\RP686\A0112918.exe (PUP.Optional.ClientConnect) -> Nebyla provedena žádná instrukce.
D:\System Volume Information\_restore{F5F0CD00-5B6C-489C-9E68-06C7FF70F552}\RP686\A0112919.exe (PUP.Optional.ClientConnect) -> Nebyla provedena žádná instrukce.
D:\System Volume Information\_restore{F5F0CD00-5B6C-489C-9E68-06C7FF70F552}\RP686\A0112920.dll (PUP.Optional.ClientConnect) -> Nebyla provedena žádná instrukce.

(konec)

#5 Příspěvek od **Márty84** » 29 pro 2015 18:26

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Jenda66 · #6 Příspěvek od **Jenda66** » 29 pro 2015 21:23

Log z MBAM.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2015.12.29.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jenda :: NOTEBOOK [administrátor]

Ochrana: Povolena

29.12.2015 19:18:28
mbam-log-2015-12-29 (19-18-28).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 369042
Uplynulý čas: 59 minut, 32 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#7 Příspěvek od **Márty84** » 30 pro 2015 10:00

MBAM odinstalujte.

Dejte novy log z RSIT

a k tomu

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

Jenda66 · #8 Příspěvek od **Jenda66** » 30 pro 2015 12:53

RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jenda at 2015-12-30 12:53:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 413 GB (87%) free of 476 GB
Total RAM: 3036 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:53:23, on 30.12.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Java\jre7\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\SearchIndexer.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
D:\Program Files\AVAST Software\Avast\AvastUI.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
D:\WINDOWS\system32\wbem\unsecapp.exe
D:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\SearchProtocolHost.exe
D:\WINDOWS\system32\SearchFilterHost.exe
D:\Documents and Settings\Jenda\Dokumenty\Stažené soubory\RSIT.exe
D:\Program Files\trend micro\Jenda.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] D:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [QlbCtrl.exe] D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - D:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5862 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - D:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe -check pepperplugin
D:\WINDOWS\tasks\Adobe Flash Player Updater.job - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
D:\WINDOWS\tasks\avast! Emergency Update.job - D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
D:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - D:\WINDOWS\system32\xp_eos.exe
D:\WINDOWS\tasks\Opera scheduled Autoupdate 1448040242.job - D:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)
D:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - D:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\Jenda\Data aplikací\Mozilla\Firefox\Profiles\w06w7bvk.default-1448046860640

"{20a82645-c095-46ed-80e3-08825760534b}"=d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=D:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=D:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=d:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

D:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=D:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-07-20 1044480]
"SoundMAX"=D:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-07-25 888832]
"QlbCtrl.exe"=D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
"WirelessAssistant"=D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-03-10 506936]
"AvastUI.exe"=D:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-19 4085896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3200 Scan2PC]
D:\WINDOWS\Twain_32\Samsung\SCX3200\Scan2pc.exe [2010-05-18 1989120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
D:\Program Files\CCleaner\CCleaner.exe [2015-12-08 6602152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IR_SERVER]
D:\PROGRA~1\Realtek\REALTE~1\IR_SERVER.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lightshot]
D:\Program Files\Skillbrains\lightshot\Lightshot.exe [2014-10-16 226560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
D:\Program Files\Pando Networks\Media Booster\PMB.exe [2013-03-19 4270640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
D:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2010-10-28 618496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
D:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files\Steam\steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
D:\PROGRA~1\WINDOW~2\WINDOW~1.EXE [2010-06-24 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2010-06-24 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=D:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-06-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Program Files\Winamp\winamp.exe"="D:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp"
"D:\Documents and Settings\Jenda\Local Settings\Temp\Keygen.exe"="D:\Documents and Settings\Jenda\Local Settings\Temp\Keygen.exe:*:Enabled:Keygen"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\WINDOWS\twain_32\Samsung\ScanMgr.exe"="D:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger"
"D:\WINDOWS\twain_32\Samsung\SCX3200\Scan2Pc.exe"="D:\WINDOWS\twain_32\Samsung\SCX3200\Scan2Pc.exe:*:Enabled:ScanToPC"
"D:\WINDOWS\twain_32\Samsung\SCX3200\Sscan2io.exe"="D:\WINDOWS\twain_32\Samsung\SCX3200\Sscan2io.exe:*:Enabled:SScanToIO"
"D:\Program Files\Unreal\Unreal Tournament 2004\System\UT2004.exe"="D:\Program Files\Unreal\Unreal Tournament 2004\System\UT2004.exe:*:Enabled:UT2004"
"D:\WINDOWS\system32\javaw.exe"="D:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Program Files\TmNationsForever\TmForever.exe"="D:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"D:\Program Files\EA SPORTS\FIFA 07\fifa07.exe"="D:\Program Files\EA SPORTS\FIFA 07\fifa07.exe:*:Enabled:fifa07"
"D:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe"="D:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe:*:Enabled:MyPhoneExplorer"
"D:\Documents and Settings\Jenda\Plocha\Need for Speed Underground 2\speed2.exe"="D:\Documents and Settings\Jenda\Plocha\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"D:\Program Files\City Car Driving\bin\win32\starter.exe"="D:\Program Files\City Car Driving\bin\win32\starter.exe:*:Enabled:starter"
"D:\Program Files\Duel of Champions\MMDoC-PDCLive\Launcher.exe"="D:\Program Files\Duel of Champions\MMDoC-PDCLive\Launcher.exe:*:Enabled:Launcher"
"D:\Program Files\Duel of Champions\MMDoC-PDCLive\GameData\Game.exe"="D:\Program Files\Duel of Champions\MMDoC-PDCLive\GameData\Game.exe:*:Enabled:Might & Magic : Duel of Champions"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2380\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2380\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Battle.net\Battle.net.exe"="D:\Program Files\Battle.net\Battle.net.exe:*:Enabled:Battle.net"
"D:\Program Files\Hearthstone\Hearthstone.exe"="D:\Program Files\Hearthstone\Hearthstone.exe:*:Enabled:Hearthstone"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2417\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2417\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2426\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2426\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2514\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2514\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2816\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2816\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2880\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2880\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3147\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3147\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3182\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3182\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe"="D:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe:*:Enabled:Samsung Universal Print Driver 2"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3372\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3372\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Diablo III\Diablo III.exe"="D:\Program Files\Diablo III\Diablo III.exe:*:Enabled:Diablo III"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3427\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3427\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3454\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3454\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3478\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3478\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3526\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3526\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3632\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3632\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3634\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3634\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3668\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3668\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3669\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3669\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3688\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3688\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Valve\hl.exe"="D:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3689\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3689\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3715\Agent.exe"="D:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.3715\Agent.exe:*:Enabled:Battle.net Update Agent"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\Program Files\iDisplay\iDisplay.exe"="D:\Program Files\iDisplay\iDisplay.exe:*:Enabled:iDisplay Server"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\bin\steamwebhelper.exe"="D:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"D:\Program Files\MyWIFIRouter\QWi-Fi.exe"="D:\Program Files\MyWIFIRouter\QWi-Fi.exe:*:Enabled:WIFI Router"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Wi-Fi\Wi-Fi.exe"="D:\Program Files\Wi-Fi\Wi-Fi.exe:*:Enabled:Wi-Fi.exe"
"D:\Program Files\Mount&Blade Warband\mb_warband.exe"="D:\Program Files\Mount&Blade Warband\mb_warband.exe:*:Enabled:Mount&Blade: Warband"
"D:\Program Files\Mozilla Firefox\firefox.exe"="D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (D:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe"="D:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe:*:Enabled:Samsung Universal Print Driver 2"
"D:\Program Files\MyWIFIRouter\QWi-Fi.exe"="D:\Program Files\MyWIFIRouter\QWi-Fi.exe:*:Enabled:WIFI Router"
"D:\Program Files\Wi-Fi\Wi-Fi.exe"="D:\Program Files\Wi-Fi\Wi-Fi.exe:*:Enabled:Wi-Fi.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2015-12-29 13:17:30 ----D---- D:\Program Files\Mozilla Firefox
2015-12-26 15:44:28 ----D---- D:\WINDOWS\system32\HtmlData
2015-12-26 00:18:05 ----D---- D:\Program Files\CDisplay

======List of files/folders modified in the last 1 month======

2015-12-30 12:53:24 ----D---- D:\WINDOWS\Prefetch
2015-12-30 12:53:19 ----D---- D:\Program Files\trend micro
2015-12-30 12:52:13 ----D---- D:\WINDOWS\system32\drivers
2015-12-30 12:52:13 ----D---- D:\Program Files
2015-12-30 06:15:27 ----A---- D:\Documents and Settings\All Users\Data aplikací\HPWALog.txt
2015-12-29 23:43:27 ----D---- D:\Program Files\Battle.net
2015-12-29 19:49:37 ----D---- D:\WINDOWS\Temp
2015-12-29 19:13:37 ----D---- D:\Program Files\Mozilla Maintenance Service
2015-12-29 19:13:06 ----D---- D:\WINDOWS\BitLockerDiscoveryVolumeContents
2015-12-29 19:12:32 ----A---- D:\WINDOWS\SchedLgU.Txt
2015-12-29 12:52:52 ----SD---- D:\WINDOWS\Tasks
2015-12-29 12:52:50 ----D---- D:\AdwCleaner
2015-12-29 01:07:36 ----AD---- D:\WINDOWS\system32
2015-12-29 01:07:35 ----A---- D:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-29 00:59:42 ----RSD---- D:\WINDOWS\assembly
2015-12-29 00:56:53 ----D---- D:\WINDOWS\Microsoft.NET
2015-12-28 23:43:45 ----A---- D:\WINDOWS\win.ini
2015-12-28 23:43:45 ----A---- D:\WINDOWS\system.ini
2015-12-28 23:42:47 ----D---- D:\WINDOWS
2015-12-28 23:42:05 ----SHD---- D:\Config.Msi
2015-12-28 23:41:18 ----D---- D:\WINDOWS\system32\CatRoot2
2015-12-28 23:40:30 ----SHD---- D:\WINDOWS\Installer
2015-12-28 23:40:29 ----D---- D:\WINDOWS\WinSxS
2015-12-28 23:37:11 ----D---- D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-28 23:35:51 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2015-12-28 23:35:51 ----D---- D:\Program Files\Microsoft.NET
2015-12-28 23:35:51 ----D---- D:\Program Files\Common Files\Microsoft Shared
2015-12-28 23:34:42 ----RSD---- D:\WINDOWS\Fonts
2015-12-28 23:34:16 ----D---- D:\Program Files\MSBuild
2015-12-28 23:34:08 ----D---- D:\Program Files\Common Files
2015-12-28 23:30:08 ----D---- D:\Program Files\Common Files\System
2015-12-28 23:28:25 ----HD---- D:\WINDOWS\inf
2015-12-28 23:24:15 ----D---- D:\WINDOWS\Debug
2015-12-28 23:11:04 ----D---- D:\Program Files\SystemRequirementsLab
2015-12-28 23:04:38 ----D---- D:\Documents and Settings\Jenda\Data aplikací\SHAPE
2015-12-25 13:47:26 ----D---- D:\Documents and Settings\Jenda\Data aplikací\.minecraft
2015-12-23 20:30:53 ----D---- D:\Program Files\Mount&Blade Warband
2015-12-17 22:23:03 ----D---- D:\Program Files\Hearthstone
2015-12-11 18:58:21 ----D---- D:\Documents and Settings\All Users\Data aplikací\Battle.net
2015-12-11 18:58:20 ----D---- D:\Documents and Settings\Jenda\Data aplikací\Battle.net
2015-12-10 18:22:00 ----D---- D:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; D:\WINDOWS\system32\drivers\aswRvrt.sys [2014-09-19 49944]
R0 aswVmm;avast! VM Monitor; D:\WINDOWS\system32\drivers\aswVmm.sys [2014-09-19 192352]
R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 SFAUDIO;Sonic Focus DSP Driver; D:\WINDOWS\system32\drivers\sfaudio.sys [2008-03-28 24064]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-06-24 77568]
R1 AswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2014-09-19 55112]
R1 aswSnx;aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [2014-11-21 779536]
R1 aswSP;aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [2014-09-19 414520]
R1 aswTdi;aswTdi; D:\WINDOWS\system32\drivers\aswTdi.sys [2014-09-19 57800]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; D:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswHwid;avast! HardwareID; D:\WINDOWS\system32\drivers\aswHwid.sys [2014-09-19 24184]
R2 aswMonFlt;aswMonFlt; D:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-09-19 67824]
R2 npf;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; D:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-06-24 62848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; D:\WINDOWS\system32\drivers\ADIHdAud.sys [2009-07-20 339456]
R3 AEAudio;AE Audio Service; D:\WINDOWS\system32\drivers\AEAudio.sys [2009-03-12 112896]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; D:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; D:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2013-03-16 2697600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; D:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 16768]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; D:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; D:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S1 DumpDrv;Crash Dump Driver; D:\WINDOWS\system32\drivers\DumpDrv.sys [2010-06-24 9472]
S1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;DgiVecp; \??\D:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\D:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 AR9271;Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athuw.sys [2013-06-28 1763584]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 esgiguard;esgiguard; \??\D:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 iDispService;iDispService; D:\WINDOWS\system32\DRIVERS\idisplayminiport.sys [2012-08-31 14248]
S3 MPE;BDA MPE Filter; D:\WINDOWS\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver; D:\WINDOWS\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 31872]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; D:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2010-01-22 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; D:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2010-01-22 32800]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WinUSB;Sony sa0102 ADB Interface; D:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WmFilter;Logitech Gaming HID Filter Driver; D:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmHidLo;Logitech Gaming USB Filter Driver; D:\WINDOWS\system32\drivers\WmHidLo.sys [2010-04-27 31816]
S3 WmVirHid;Logitech Virtual Hid Device Driver; D:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; D:\WINDOWS\system32\DRIVERS\wpdusb.sys [2010-06-24 38528]
S3 WSTCODEC;World Standard Teletext Codec; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-06-24 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; D:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-07-17 297728]
S4 exFat;exFat; D:\WINDOWS\system32\drivers\exFat.sys [2010-06-24 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-19 50344]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre7\bin\jqs.exe [2014-07-25 182696]
R2 WSearch;Windows Search; D:\WINDOWS\system32\SearchIndexer.exe [2010-06-24 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2010-06-24 14848]
R2 yksvc;Marvell Yukon Service; D:\WINDOWS\System32\svchost.exe [2010-06-24 14848]
R3 Com4QLBEx;Com4QLBEx; D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; D:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-29 146888]
S3 WinRM;Windows Remote Management (WS-Management); D:\WINDOWS\system32\svchost.exe [2010-06-24 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2010-06-24 913920]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Jenda66 · #9 Příspěvek od **Jenda66** » 30 pro 2015 13:01

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-12-2015
Ran by Jenda (administrator) on NOTEBOOK (30-12-2015 12:57:50)
Running from D:\Documents and Settings\Jenda\Plocha
Loaded Profiles: Jenda (Available Profiles: Jenda)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) D:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) D:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) D:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) D:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) D:\WINDOWS\system32\wscntfy.exe
(Analog Devices, Inc.) D:\Program Files\Analog Devices\Core\smax4pnp.exe
( Hewlett-Packard Development Company, L.P.) D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) D:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) D:\WINDOWS\system32\wbem\unsecapp.exe
() D:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) D:\Documents and Settings\Jenda\Plocha\FRSTLauncher.exe
(Microsoft Corporation) D:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) D:\WINDOWS\system32\ping.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => D:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480 2009-07-20] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] => D:\Program Files\Analog Devices\SoundMAX\Smax4.exe [888832 2008-07-25] (Analog Devices, Inc.)
HKLM\...\Run: [QlbCtrl.exe] => D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WirelessAssistant] => D:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [506936 2009-03-10] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-19] (AVAST Software)
Winlogon\Notify\AtiExtEvent: D:\WINDOWS\system32\Ati2evxx.dll [2009-02-04] (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll [X]
HKU\S-1-5-18\...\Run: [KB976002-v5] => rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - D:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2010-06-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShell.dll [2014-09-19] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 D:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-10-07] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A25950CE-AAFD-44BD-BB4D-4D8DBEAA6E0C}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

FireFox:
========
FF ProfilePath: D:\Documents and Settings\Jenda\Data aplikací\Mozilla\Firefox\Profiles\w06w7bvk.default-1448046860640
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @adobe.com/ShockwavePlayer -> D:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll [2013-01-30] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> d:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-03-19] (Pando Networks)
FF Plugin: Adobe Reader -> D:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1417001333-2111687655-2146992267-1004: pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-03-19] (Pando Networks)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: Seznam Calib Software - D:\Documents and Settings\Jenda\Data aplikací\Mozilla\Firefox\Profiles\w06w7bvk.default-1448046860640\extensions\SeznamAdmin@software.xpi [2015-12-19] [not signed]
FF Extension: Adblock Plus - D:\Documents and Settings\Jenda\Data aplikací\Mozilla\Firefox\Profiles\w06w7bvk.default-1448046860640\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-03-16] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-19]

Opera:
=======
OPR Extension: (AdBlock) - D:\Documents and Settings\Jenda\Data aplikací\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-11-20]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-19] (AVAST Software)
R2 JavaQuickStarterService; D:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation)
R2 yksvc; D:\WINDOWS\System32\yk51x86.dll [282624 2009-07-17] (Marvell)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AR9271; D:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2013-06-28] (Atheros Communications, Inc.)
R2 aswHwid; D:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-09-19] ()
R2 aswMonFlt; D:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-09-19] (AVAST Software)
R1 AswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-09-19] (AVAST Software)
R0 aswRvrt; D:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-09-19] ()
R1 aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-09-19] (AVAST Software)
R1 aswTdi; D:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-09-19] (AVAST Software)
R0 aswVmm; D:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-09-19] ()
R3 BCM43XX; D:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2697600 2013-03-16] (Broadcom Corporation)
S3 CCDECODE; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
S1 DumpDrv; D:\WINDOWS\system32\Drivers\DumpDrv.sys [9472 2010-06-24] (Microsoft Corporation)
S3 iDispService; D:\WINDOWS\System32\DRIVERS\idisplayminiport.sys [14248 2012-08-31] (SHAPE Services)
S3 MPE; D:\WINDOWS\System32\DRIVERS\MPE.sys [15104 2004-07-09] (Microsoft Corporation)
S3 NdisIP; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
R2 npf; D:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 RTL2832UBDA; D:\WINDOWS\System32\drivers\RTL2832UBDA.sys [143264 2010-01-22] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; D:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [32800 2010-01-22] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; D:\WINDOWS\System32\DRIVERS\RTL2832U_IRHID.sys [31872 2009-10-05] (Realtek)
R0 SFAUDIO; D:\WINDOWS\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc)
R3 WmBEnum; D:\WINDOWS\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; D:\WINDOWS\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; D:\WINDOWS\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
S3 WmVirHid; D:\WINDOWS\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; D:\WINDOWS\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S3 yukonwxp; D:\WINDOWS\System32\DRIVERS\yk51x86.sys [297728 2009-07-17] (Marvell)
S2 DgiVecp; \??\D:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
S3 esgiguard; \??\D:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IntelIde; no ImagePath
U5 Sdbus; D:\Windows\System32\Drivers\Sdbus.sys [80384 2010-06-24] (Microsoft Corporation)
S2 SSPORT; \??\D:\WINDOWS\system32\Drivers\SSPORT.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-30 12:57 - 2015-12-30 12:58 - 00011144 _____ D:\Documents and Settings\Jenda\Plocha\FRST.txt
2015-12-30 12:57 - 2015-12-30 12:57 - 00000000 ____D D:\FRST
2015-12-30 12:56 - 2015-12-30 12:56 - 00029696 _____ D:\Documents and Settings\Jenda\Local Settings\Data aplikací\MSGBOX.EXE
2015-12-30 12:56 - 2015-12-30 12:56 - 00015327 _____ D:\Documents and Settings\Jenda\Plocha\LM.bat
2015-12-30 12:55 - 2015-12-30 12:56 - 00112640 _____ (forum.viry.cz) D:\Documents and Settings\Jenda\Plocha\FRSTLauncher.exe
2015-12-30 12:54 - 2015-12-30 12:54 - 01721856 _____ (Farbar) D:\Documents and Settings\Jenda\Plocha\FRST.exe
2015-12-30 12:50 - 2015-12-30 12:50 - 00000000 ___RD D:\Documents and Settings\Jenda\Nabídka Start\Programy\Nástroje pro správu
2015-12-29 14:30 - 2015-12-29 14:30 - 00005236 _____ D:\Documents and Settings\Jenda\Plocha\MBAM-log-2015-12-29 (14-30-25).txt
2015-12-29 13:17 - 2015-12-29 14:29 - 00000000 ____D D:\Program Files\Mozilla Firefox
2015-12-29 12:49 - 2015-12-29 12:49 - 10284816 _____ (Malwarebytes Corporation ) D:\Documents and Settings\Jenda\Plocha\mbam-setup-1.75.0.1300.exe
2015-12-29 12:48 - 2015-12-29 12:48 - 01743360 _____ D:\Documents and Settings\Jenda\Plocha\adwcleaner_5.026.exe
2015-12-28 23:18 - 2015-12-28 23:18 - 00000682 _____ D:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-12-28 23:02 - 2015-12-28 23:02 - 00000000 ____D D:\Documents and Settings\Jenda\Dokumenty\Splashtop Whiteboard
2015-12-28 23:02 - 2015-12-28 23:02 - 00000000 ____D D:\Documents and Settings\Jenda\Dokumenty\Splashtop Presenter
2015-12-26 15:44 - 2015-12-26 15:44 - 00000000 ____D D:\WINDOWS\system32\HtmlData
2015-12-26 00:18 - 2015-12-26 00:18 - 00000000 ____D D:\Program Files\CDisplay
2015-12-26 00:18 - 2015-12-26 00:18 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy\CDisplay

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-30 12:58 - 2013-03-16 13:44 - 00000000 ____D D:\Documents and Settings\Jenda\Local Settings\Temp
2015-12-30 12:57 - 2013-03-16 13:44 - 00000000 ____D D:\Documents and Settings\Jenda\Plocha
2015-12-30 12:57 - 2013-03-16 10:47 - 00000000 ____D D:\WINDOWS
2015-12-30 12:56 - 2013-03-16 20:17 - 00000000 ____D D:\Documents and Settings\Jenda\Dokumenty\Stažené soubory
2015-12-30 12:56 - 2013-03-16 13:44 - 00000000 ___HD D:\Documents and Settings\Jenda\Local Settings\Data aplikací
2015-12-30 12:53 - 2013-03-16 15:05 - 00000000 ____D D:\Program Files\trend micro
2015-12-30 12:52 - 2013-03-16 14:14 - 00000000 ___RD D:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-30 12:52 - 2013-03-16 14:14 - 00000000 ____D D:\Documents and Settings\All Users\Plocha
2015-12-30 12:50 - 2013-03-16 13:44 - 00000000 ___RD D:\Documents and Settings\Jenda\Nabídka Start\Programy
2015-12-30 06:15 - 2013-03-16 14:38 - 00355115 _____ D:\Documents and Settings\All Users\Data aplikací\HPWALog.txt
2015-12-30 06:06 - 2013-07-01 10:57 - 00000914 _____ D:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-30 03:08 - 2013-03-16 14:41 - 00000364 ____H D:\WINDOWS\Tasks\avast! Emergency Update.job
2015-12-29 23:43 - 2013-12-07 14:35 - 00000000 ____D D:\Documents and Settings\Jenda\Local Settings\Data aplikací\Battle.net
2015-12-29 23:43 - 2013-12-07 14:34 - 00000000 ____D D:\Program Files\Battle.net
2015-12-29 23:43 - 2009-02-04 00:13 - 00121808 _____ D:\WINDOWS\system32\ativvaxx.cap
2015-12-29 19:16 - 2013-03-16 14:14 - 00000000 __RHD D:\Documents and Settings\All Users\Data aplikací
2015-12-29 19:15 - 2015-11-20 18:24 - 00000406 _____ D:\WINDOWS\Tasks\Opera scheduled Autoupdate 1448040242.job
2015-12-29 19:15 - 2015-09-04 18:41 - 00000222 _____ D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-29 19:13 - 2013-03-16 14:50 - 00000000 ____D D:\Program Files\Mozilla Maintenance Service
2015-12-29 19:13 - 2013-03-16 13:41 - 00000006 ____H D:\WINDOWS\Tasks\SA.DAT
2015-12-29 19:13 - 2013-03-16 13:20 - 00000000 ____D D:\WINDOWS\BitLockerDiscoveryVolumeContents
2015-12-29 19:12 - 2013-03-16 13:44 - 00000178 ___SH D:\Documents and Settings\Jenda\ntuser.ini
2015-12-29 19:12 - 2013-03-16 13:41 - 00032538 _____ D:\WINDOWS\SchedLgU.Txt
2015-12-29 12:52 - 2014-05-18 12:21 - 00000000 ____D D:\AdwCleaner
2015-12-29 01:07 - 2015-11-20 18:37 - 00000958 _____ D:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-29 01:07 - 2013-03-16 15:27 - 00796864 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-29 01:07 - 2013-03-16 15:27 - 00142528 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-28 23:44 - 2013-03-16 13:52 - 00080496 _____ D:\Documents and Settings\Jenda\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2015-12-28 23:43 - 2013-03-16 00:39 - 00000491 _____ D:\WINDOWS\win.ini
2015-12-28 23:43 - 2013-03-16 00:39 - 00000227 _____ D:\WINDOWS\system.ini
2015-12-28 23:42 - 2013-03-16 14:13 - 00329888 _____ D:\WINDOWS\system32\FNTCACHE.DAT
2015-12-28 23:37 - 2013-03-18 13:54 - 00000000 ____D D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-12-28 23:35 - 2013-03-16 14:14 - 00000000 ____D D:\Program Files\Common Files\Microsoft Shared
2015-12-28 23:35 - 2013-03-16 14:13 - 00000000 ____D D:\Documents and Settings\All Users
2015-12-28 23:34 - 2013-03-16 13:22 - 00000000 ____D D:\Program Files\MSBuild
2015-12-28 23:30 - 2013-03-16 13:31 - 00000000 ____D D:\Program Files\Common Files\System
2015-12-28 23:28 - 2013-03-16 10:47 - 00000000 ___HD D:\WINDOWS\inf
2015-12-28 23:27 - 2013-03-16 15:09 - 00000000 ____D D:\Documents and Settings\Jenda\Dokumenty\Záloha CC
2015-12-28 23:26 - 2013-03-16 13:44 - 00000000 ____D D:\Documents and Settings\Jenda
2015-12-28 23:18 - 2013-03-16 15:09 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2015-12-28 23:16 - 2013-04-01 01:15 - 00000000 ___RD D:\Documents and Settings\Jenda\Plocha\Games
2015-12-28 23:16 - 2013-03-16 15:20 - 00000000 ____D D:\Documents and Settings\Jenda\Plocha\Programy
2015-12-28 23:15 - 2015-11-18 18:50 - 00000000 ____D D:\Documents and Settings\Jenda\Plocha\Nájem
2015-12-28 23:15 - 2013-03-16 23:48 - 00000000 ___RD D:\Documents and Settings\Jenda\Plocha\Aktuální semestr
2015-12-28 23:14 - 2013-03-20 12:02 - 00000000 ___RD D:\Documents and Settings\Jenda\Plocha\Data
2015-12-28 23:12 - 2013-03-18 21:22 - 00000000 ___RD D:\Documents and Settings\Jenda\Plocha\Hudba
2015-12-28 23:11 - 2013-04-03 13:22 - 00000000 ____D D:\Program Files\SystemRequirementsLab
2015-12-28 23:04 - 2015-06-01 19:49 - 00000000 ____D D:\Documents and Settings\Jenda\Data aplikací\SHAPE
2015-12-28 23:02 - 2013-03-16 13:44 - 00000000 __RHD D:\Documents and Settings\Jenda\Data aplikací
2015-12-28 23:02 - 2013-03-16 13:44 - 00000000 ___RD D:\Documents and Settings\Jenda\Dokumenty
2015-12-28 22:58 - 2013-03-16 20:17 - 00000000 ___RD D:\Documents and Settings\Jenda\Plocha\Stažené soubory
2015-12-28 22:56 - 2015-04-03 12:00 - 00000000 ____D D:\Documents and Settings\Jenda\Plocha\HS
2015-12-28 22:53 - 2013-03-20 11:56 - 00000000 ___RD D:\Documents and Settings\Jenda\Plocha\Prace seznam
2015-12-28 18:19 - 2013-03-18 13:59 - 00131072 _____ D:\WINDOWS\system32\config\OAlerts.evt
2015-12-26 13:16 - 2013-03-16 00:39 - 00002206 _____ D:\WINDOWS\system32\wpa.dbl
2015-12-25 13:47 - 2014-10-24 20:10 - 00000000 ____D D:\Documents and Settings\Jenda\Data aplikací\.minecraft
2015-12-23 20:50 - 2015-07-09 16:25 - 00000000 ____D D:\Documents and Settings\Jenda\Dokumenty\Mount&Blade Warband Savegames
2015-12-23 20:30 - 2015-07-09 16:20 - 00000000 ____D D:\Program Files\Mount&Blade Warband
2015-12-17 22:23 - 2013-12-07 14:37 - 00000000 ____D D:\Program Files\Hearthstone
2015-12-11 18:58 - 2013-12-07 14:35 - 00000000 ____D D:\Documents and Settings\Jenda\Data aplikací\Battle.net
2015-12-11 18:58 - 2013-12-07 14:32 - 00000000 ____D D:\Documents and Settings\All Users\Data aplikací\Battle.net
2015-12-10 18:22 - 2013-03-16 14:44 - 00000000 ____D D:\Program Files\Opera
2015-12-08 15:00 - 2015-09-04 18:41 - 00000216 _____ D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-07 20:47 - 2013-04-23 17:39 - 00000664 _____ D:\WINDOWS\system32\d3d9caps.dat

==================== Files in the root of some directories =======

2013-03-16 14:34 - 2013-03-16 14:34 - 0000000 _____ () D:\Documents and Settings\Jenda\Local Settings\Data aplikací\AtStart.txt
2013-03-16 14:34 - 2013-03-16 14:34 - 0000000 _____ () D:\Documents and Settings\Jenda\Local Settings\Data aplikací\DSwitch.txt
2015-10-12 18:43 - 2015-10-12 18:43 - 0000000 _____ () D:\Documents and Settings\Jenda\Local Settings\Data aplikací\FnF4.txt
2015-12-30 12:56 - 2015-12-30 12:56 - 0029696 _____ () D:\Documents and Settings\Jenda\Local Settings\Data aplikací\MSGBOX.EXE
2013-03-16 14:34 - 2013-03-16 14:34 - 0000000 _____ () D:\Documents and Settings\Jenda\Local Settings\Data aplikací\QSwitch.txt
2015-11-14 13:49 - 2015-11-14 13:49 - 0000003 _____ () D:\Documents and Settings\Jenda\Local Settings\Data aplikací\updater.log
2015-11-14 13:49 - 2015-11-14 13:49 - 0000412 _____ () D:\Documents and Settings\Jenda\Local Settings\Data aplikací\UserProducts.xml
2013-03-16 14:38 - 2015-12-30 06:15 - 0355115 _____ () D:\Documents and Settings\All Users\Data aplikací\HPWALog.txt
2013-11-24 23:16 - 2013-11-25 00:05 - 95025368 ____T () D:\Documents and Settings\All Users\Data aplikací\v7tlcj6b.bxx
2013-11-24 23:16 - 2013-11-25 00:04 - 0000000 _____ () D:\Documents and Settings\All Users\Data aplikací\v7tlcj6b.fvv

Some files in TEMP:
====================
D:\Documents and Settings\Jenda\Local Settings\Temp\SetupUtil.exe
D:\Documents and Settings\Jenda\Local Settings\Temp\sqlite3.dll
D:\Documents and Settings\Jenda\Local Settings\Temp\SRLDetectionLibrary7610788412252961512.dll
D:\Documents and Settings\Jenda\Local Settings\Temp\winpcap4.1.3repark.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

D:\WINDOWS\explorer.exe => File is digitally signed
D:\WINDOWS\system32\winlogon.exe => File is digitally signed
D:\WINDOWS\system32\svchost.exe => File is digitally signed
D:\WINDOWS\system32\services.exe => File is digitally signed
D:\WINDOWS\system32\User32.dll => File is digitally signed
D:\WINDOWS\system32\userinit.exe => File is digitally signed
D:\WINDOWS\system32\rpcss.dll => File is digitally signed
D:\WINDOWS\system32\dnsapi.dll => File is digitally signed
D:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

#10 Příspěvek od **Márty84** » 31 pro 2015 09:59

Napiste mi velikost adresare plochy (D:\Documents and Settings\Jenda\Plocha)

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-18\...\Run: [KB976002-v5] => rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File

FF Plugin: @pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-03-19] (Pando Networks)
FF Plugin HKU\S-1-5-21-1417001333-2111687655-2146992267-1004: pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-03-19] (Pando Networks)

R2 JavaQuickStarterService; D:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation)
S3 esgiguard; \??\D:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]

2015-12-29 14:30 - 2015-12-29 14:30 - 00005236 _____ D:\Documents and Settings\Jenda\Plocha\MBAM-log-2015-12-29 (14-30-25).txt
2015-12-29 12:49 - 2015-12-29 12:49 - 10284816 _____ (Malwarebytes Corporation ) D:\Documents and Settings\Jenda\Plocha\mbam-setup-1.75.0.1300.exe

Task: D:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => D:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: D:\WINDOWS\Tasks\Adobe Flash Player Updater.job => D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => D:\WINDOWS\system32\xp_eos.exe
Task: D:\WINDOWS\Tasks\Opera scheduled Autoupdate 1448040242.job => D:\Program Files\Opera\launcher.exe
Task: D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => D:\WINDOWS\system32\xp_eos.exe

AlternateDataStreams: D:\WINDOWS\system32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: D:\Documents and Settings\All Users\Data aplikací\TEMP:FB6A21E3

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3200 Scan2PC
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IR_SERVER
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lightshot
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Jenda66 · #11 Příspěvek od **Jenda66** » 31 pro 2015 10:12

Velikost složky je 24,5 GB.

Zde přikládám log.
Fix result of Farbar Recovery Scan Tool (x86) Version:29-12-2015
Ran by Jenda (2015-12-31 10:02:52) Run:1
Running from D:\Documents and Settings\Jenda\Plocha
Loaded Profiles: Jenda (Available Profiles: Jenda)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-18\...\Run: [KB976002-v5] => rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File

FF Plugin: @pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-03-19] (Pando Networks)
FF Plugin HKU\S-1-5-21-1417001333-2111687655-2146992267-1004: pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-03-19] (Pando Networks)

R2 JavaQuickStarterService; D:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation)
S3 esgiguard; \??\D:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]

2015-12-29 14:30 - 2015-12-29 14:30 - 00005236 _____ D:\Documents and Settings\Jenda\Plocha\MBAM-log-2015-12-29 (14-30-25).txt
2015-12-29 12:49 - 2015-12-29 12:49 - 10284816 _____ (Malwarebytes Corporation ) D:\Documents and Settings\Jenda\Plocha\mbam-setup-1.75.0.1300.exe

Task: D:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => D:\WINDOWS\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: D:\WINDOWS\Tasks\Adobe Flash Player Updater.job => D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => D:\WINDOWS\system32\xp_eos.exe
Task: D:\WINDOWS\Tasks\Opera scheduled Autoupdate 1448040242.job => D:\Program Files\Opera\launcher.exe
Task: D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => D:\WINDOWS\system32\xp_eos.exe

AlternateDataStreams: D:\WINDOWS\system32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: D:\Documents and Settings\All Users\Data aplikací\TEMP:FB6A21E3

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3200 Scan2PC
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IR_SERVER
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lightshot
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\KB976002-v5 => value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
"HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully.
D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll => moved successfully
"HKU\S-1-5-21-1417001333-2111687655-2146992267-1004\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin" => key removed successfully.
D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll => not found.
JavaQuickStarterService => service removed successfully.
esgiguard => service removed successfully.
SkypeUpdate => service removed successfully.
D:\Documents and Settings\Jenda\Plocha\MBAM-log-2015-12-29 (14-30-25).txt => moved successfully
D:\Documents and Settings\Jenda\Plocha\mbam-setup-1.75.0.1300.exe => moved successfully
D:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
D:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
D:\WINDOWS\Tasks\Opera scheduled Autoupdate 1448040242.job => moved successfully
D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => moved successfully
D:\WINDOWS\system32 => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS removed successfully..
D:\Documents and Settings\All Users\Data aplikací\TEMP => ":FB6A21E3" ADS removed successfully..
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3200 Scan2PC => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IR_SERVER => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lightshot => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => key removed successfully.
D:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.1 GB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 10:06:19 ====

#12 Příspěvek od **Márty84** » 31 pro 2015 10:28

Jenda66 píše:Velikost složky je 24,5 GB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

Jenda66 · #13 Příspěvek od **Jenda66** » 31 pro 2015 11:51

Děkuji za radu ohledně velikosti plochy. To jsem opravdu netušil. Všechno jsem přenesl na disk a vytvořil pouze zástupce. Velikost plochy je nyní 100 mb, takže by to snad mohlo pomoct. Dole přikládám log. Jinak defragmentaci jsem dělal předevčírem a Ccleaner používám pravidelně. Počítač se jeví v mnohem lepším stavu.

# DelFix v1.011 - Logfile created 31/12/2015 at 11:36:43
# Updated 18/08/2015 by Xplode
# Username : Jenda - NOTEBOOK
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : D:\RSIT
Deleted : D:\FRST
Deleted : D:\AdwCleaner
Deleted : D:\Documents and Settings\Jenda\Plocha\adwcleaner_5.026.exe
Deleted : D:\Documents and Settings\Jenda\Plocha\Fixlog.txt
Deleted : D:\Documents and Settings\Jenda\Plocha\FRST.exe
Deleted : D:\Documents and Settings\Jenda\Plocha\FRSTLauncher.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

#14 Příspěvek od **Márty84** » 31 pro 2015 18:00

A je to uz v norme a muzem tema uzavrit, nebo se koukneme hloubeji?

Jenda66 · #15 Příspěvek od **Jenda66** » 01 led 2016 17:35

Vzhledem k tomu, že jsem notebook dlouho nečistil, tak bych se klidně podíval hlouběji, ale záleží hlavně na Vás. Zase Vás nechci zbytečně otravovat, určitě máte dost práce mimo mě. Jinak moc děkuji za veškerou pomoc!

VIRY.CZ

Pomalejší notebook

Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook

Re: Pomalejší notebook