Request for a preventive PC check


#1 Post by Windowsák »

...how should I proceed? :)


#2 Post by Windowsák »

Ah, my mistake, sorry, I didn't read the guide. Here is the FRST log :) :D

Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-06-2016
Ran by Andrej (2016-06-08 18:49:48)
Running from C:\Documents and Settings\Andrej.JANO\Desktop
Systém Microsoft Windows XP Professional Service Pack 3 (X86) (2005-05-07 15:24:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-117609710-1336601894-1801674531-500 - Administrator - Enabled)
Andrej (S-1-5-21-117609710-1336601894-1801674531-1157 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Andrej.JANO
ASPNET (S-1-5-21-117609710-1336601894-1801674531-1150 - Limited - Enabled)
Guest (S-1-5-21-117609710-1336601894-1801674531-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-117609710-1336601894-1801674531-1000 - Limited - Disabled)
PC1 (S-1-5-21-117609710-1336601894-1801674531-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\PC1
SUPPORT_388945a0 (S-1-5-21-117609710-1336601894-1801674531-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-117609710-1336601894-1801674531-1008 - Limited - Enabled) => %SystemDrive%\Documents and Settings\TEMP.JANO.002

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActivInspire v2 (HKLM\...\{84007E42-A06F-4FFE-90D2-85F82CB48615}) (Version: 2.4.66096 - Promethean)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM\...\{AC76BA86-7AD7-1033-7646-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 1.8.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.8.15 - NVIDIA Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Compiled Driver Disk (HTC) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811203}_is1) (Version: 1.0.9.6 - COMPELSON Labs)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX218 Series Manuál (HKLM\...\EPSON SX218 Series Manual) (Version: - )
EPSON SX218 Series Printer Uninstall (HKLM\...\EPSON SX218 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Spoločnosť Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Mega Codec Pack 6.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 6.2.0 - )
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 sk) (HKLM\...\Mozilla Firefox 46.0.1 (x86 sk)) (Version: 46.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
Ovládací panel NVIDIA 301.42 (Version: 301.42 - NVIDIA Corporation) Hidden
PS TO PC CONVERTER (HKLM\...\{C0EA1DDF-896F-426A-A8FC-500743EECC36}) (Version: 2007.07.3 - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5366 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.21 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.21.100 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VGA Utility (HKLM\...\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}) (Version: 1.00.07.07.17 - GIGABYTE)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows XP Service Pack 4 (HKLM\...\Windows XP Service Pack) (Version: 20141115.000000 - Charalampos Kazakos )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => rundll32.exe C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2004-08-04 00:56 - 2008-04-14 02:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-04 00:56 - 2008-04-14 02:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2016-06-08 17:49 - 2014-02-10 13:44 - 04592128 _____ () C:\Documents and Settings\Andrej.JANO\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2016-06-08 17:49 - 2014-02-10 13:44 - 00112128 _____ () C:\Documents and Settings\Andrej.JANO\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D282699C [204]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Robesaimpi => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5} => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\regfile\shell\open\command: C:\WINDOWS\REGEDIT.EXE /M "%L" <===== ATTENTION
HKLM\...\batfile\DefaultIcon: <===== ATTENTION
HKLM\...\batfile\shell\open\command: C:\WINDOWS\system32\CMD.EXE /C Call "%L" %* <===== ATTENTION
HKLM\...\cmdfile\shell\open\command: C:\WINDOWS\system32\CMD.EXE /C Call "%L" %* <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-08-23 14:00 - 2001-08-23 14:00 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-19.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-20.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-21-117609710-1336601894-1801674531-1008\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-21-117609710-1336601894-1801674531-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-21-117609710-1336601894-1801674531-1008.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-21-117609710-1336601894-1801674531-1157\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Andrej.JANO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
HKU\S-1-5-21-117609710-1336601894-1801674531-1157-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Andrej.JANO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.0.1
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^PC1^Start Menu^Programs^Startup^GIGABYTE VGA Utility.lnk => C:\WINDOWS\pss\GIGABYTE VGA Utility.lnkStartup
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [%SystemRoot%\Network Diagnostic\XPNetDiag.Exe] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP3Res.Dll,-20000
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\DMAdmin.Exe] => :LocalSubnet:Enabled:Logical Disk Manager service process
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\DMRemote.Exe] => :LocalSubnet:Enabled:Logical Disk Manager component
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\FTP.Exe] => Enabled:Windows® FTP Client
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\MMC.Exe] => :LocalSubNet:Enabled:Microsoft Management Console
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\SessMgr.Exe] => :LocalSubnet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22019
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\TCPSvcS.Exe] => :LocalSubNet:Enabled:Windows® TCP/IP Services Application
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\TFTPD.EXE] => :LocalSubNet:Enabled:Windows® Trivial File Transfer Service
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\TlntSvr.Exe] => :LocalSubnet:Enabled:Windows® Telnet Service
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\WBEM\UnSecApp.Exe] => :LocalSubNet:Enabled:Windows® Management Instrumentation
DomainProfile\AuthorizedApplications: [%ProgramFiles%\NetMeeting\Conf.Exe] => :LocalSubNet:Disabled:Windows® NetMeeting®
DomainProfile\AuthorizedApplications: [%SystemRoot%\System32\MNMSrvC.Exe] => :LocalSubNet:Disabled:Windows® NetMeeting® Remote Desktop Sharing
DomainProfile\AuthorizedApplications: [%ProgramFiles%\Windows Media Player\MPlayer2.Exe] => :LocalSubnet:Enabled:Windows® Media Player
DomainProfile\AuthorizedApplications: [%ProgramFiles%\Windows Media Player\WMPlayer.Exe] => :LocalSubnet:Enabled:Windows® Media Player
DomainProfile\AuthorizedApplications: [%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpSvc.Exe] => %SystemRoot%\PCHealth\HelpCtr\Binaries\HelpSvc.exe:LocalSubNet:Enabled:Offer Remote Assistance
DomainProfile\AuthorizedApplications: [%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.Exe] => %SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe:LocalSubNet:Enabled:Remote Assistance - Windows Messenger and Voice
DomainProfile\AuthorizedApplications: [D:\Winamp\winamp.exe] => Enabled:Winamp
DomainProfile\AuthorizedApplications: [C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe] => Enabled:HTCSyncManager
DomainProfile\AuthorizedApplications: [C:\Program Files\Winamp\winamp.exe] => Enabled:Winamp
StandardProfile\AuthorizedApplications: [%SystemRoot%\Network Diagnostic\XPNetDiag.Exe] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP3Res.Dll,-20000
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\DMAdmin.Exe] => :LocalSubnet:Enabled:Logical Disk Manager service process
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\DMRemote.Exe] => :LocalSubnet:Enabled:Logical Disk Manager component
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\FTP.Exe] => Enabled:Windows® FTP Client
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\MMC.Exe] => :LocalSubNet:Enabled:Microsoft Management Console
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\SessMgr.Exe] => :LocalSubnet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22019
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\TCPSvcS.Exe] => :LocalSubNet:Enabled:Windows® TCP/IP Services Application
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\TFTPD.EXE] => :LocalSubNet:Enabled:Windows® Trivial File Transfer Service
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\TlntSvr.Exe] => :LocalSubnet:Enabled:Windows® Telnet Service
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\WBEM\UnSecApp.Exe] => :LocalSubNet:Enabled:Windows® Management Instrumentation
StandardProfile\AuthorizedApplications: [%ProgramFiles%\NetMeeting\Conf.Exe] => :LocalSubNet:Disabled:Windows® NetMeeting®
StandardProfile\AuthorizedApplications: [%SystemRoot%\System32\MNMSrvC.Exe] => :LocalSubNet:Disabled:Windows® NetMeeting® Remote Desktop Sharing
StandardProfile\AuthorizedApplications: [%ProgramFiles%\Windows Media Player\MPlayer2.Exe] => :LocalSubnet:Enabled:Windows® Media Player
StandardProfile\AuthorizedApplications: [%ProgramFiles%\Windows Media Player\WMPlayer.Exe] => :LocalSubnet:Enabled:Windows® Media Player
StandardProfile\AuthorizedApplications: [%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpSvc.Exe] => %SystemRoot%\PCHealth\HelpCtr\Binaries\HelpSvc.exe:LocalSubNet:Enabled:Offer Remote Assistance
StandardProfile\AuthorizedApplications: [%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.Exe] => %SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe:LocalSubNet:Enabled:Remote Assistance - Windows Messenger and Voice
StandardProfile\AuthorizedApplications: [C:\Program Files\Epson Software\Event Manager\EEventManager.exe] => Enabled:EEventManager Application
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE] => Enabled:Microsoft OneNote
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe] => Enabled:HTCSyncManager
StandardProfile\AuthorizedApplications: [C:\Program Files\Winamp\winamp.exe] => Enabled:Winamp
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
DomainProfile\GloballyOpenPorts: [135:TCP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22019
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22002
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22005
DomainProfile\GloballyOpenPorts: [445:UDP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22003
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22008
DomainProfile\GloballyOpenPorts: [3389:TCP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22009
DomainProfile\GloballyOpenPorts: [500:UDP] => Disabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22017
DomainProfile\GloballyOpenPorts: [1701:UDP] => Disabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22016
DomainProfile\GloballyOpenPorts: [1723:TCP] => Disabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22015
DomainProfile\GloballyOpenPorts: [4500:UDP] => Disabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22018
DomainProfile\GloballyOpenPorts: [80:TCP] => :LocalSubNet:Enabled:Windows® Remote Management
DomainProfile\GloballyOpenPorts: [443:TCP] => :LocalSubNet:Enabled:Windows® Remote Management
StandardProfile\GloballyOpenPorts: [135:TCP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22019
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22005
StandardProfile\GloballyOpenPorts: [445:UDP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22003
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22008
StandardProfile\GloballyOpenPorts: [3389:TCP] => :LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22009
StandardProfile\GloballyOpenPorts: [500:UDP] => Disabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22017
StandardProfile\GloballyOpenPorts: [1701:UDP] => Disabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22016
StandardProfile\GloballyOpenPorts: [1723:TCP] => Disabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22015
StandardProfile\GloballyOpenPorts: [4500:UDP] => Disabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22018
StandardProfile\GloballyOpenPorts: [80:TCP] => :LocalSubNet:Enabled:Windows® Remote Management
StandardProfile\GloballyOpenPorts: [443:TCP] => :LocalSubNet:Enabled:Windows® Remote Management

==================== Restore Points =========================

08-06-2016 18:13:58 Kontrolný bod systému

==================== Faulty Device Manager Devices =============

Name: USB Device(VID_1f3a_PID_efe8)
Description: USB Device(VID_1f3a_PID_efe8)
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: USB Devices
Service: usbUDisc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/08/2016 06:50:10 PM) (Source: MsiInstaller) (EventID: 11260) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1260. Politika obmedzenia softvéru neumožňuje systému Windows spustiť program. Ďalšie informácie nájdete v programe Zobrazovač udalostí, prípadne sa obráťte na správcu systému.
(NULL)(NULL)(NULL)(NULL)

Error: (06/08/2016 06:25:57 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Nepodarilo sa uvoľniť z pamäte reťazce počítadiel výkonu pre službu ASP.NET_2.0.50727 (ASP.NET_2.0.50727). Kód chyby
je prvý údaj DWORD v údajovej časti.

Error: (06/08/2016 06:25:57 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Hodnota reťazcov výkonu, ktoré sa nachádzajú v kľúči Performance databázy Registry je poškodená, keď
sa spracúva poskytovateľ rozšírených počítadiel Performance. Hodnota BaseIndex z kľúča Performance
databázy Registry je prvý údaj DWORD v údajovej časti, hodnota LastCounter value je druhý údaj
DWORD v údajovej časti a hodnota LastHelp je tretí údaj DWORD v údajovej časti.

Error: (06/08/2016 06:23:14 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Nepodarilo sa uvoľniť z pamäte reťazce počítadiel výkonu pre službu ASP.NET_2.0.50727 (ASP.NET_2.0.50727). Kód chyby
je prvý údaj DWORD v údajovej časti.

Error: (06/08/2016 06:23:14 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Hodnota reťazcov výkonu, ktoré sa nachádzajú v kľúči Performance databázy Registry je poškodená, keď
sa spracúva poskytovateľ rozšírených počítadiel Performance. Hodnota BaseIndex z kľúča Performance
databázy Registry je prvý údaj DWORD v údajovej časti, hodnota LastCounter value je druhý údaj
DWORD v údajovej časti a hodnota LastHelp je tretí údaj DWORD v údajovej časti.

Error: (06/08/2016 06:22:59 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Nepodarilo sa uvoľniť z pamäte reťazce počítadiel výkonu pre službu .NETFramework (.NETFramework). Kód chyby
je prvý údaj DWORD v údajovej časti.

Error: (06/08/2016 06:22:59 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Hodnota reťazcov výkonu, ktoré sa nachádzajú v kľúči Performance databázy Registry je poškodená, keď
sa spracúva poskytovateľ rozšírených počítadiel Performance. Hodnota BaseIndex z kľúča Performance
databázy Registry je prvý údaj DWORD v údajovej časti, hodnota LastCounter value je druhý údaj
DWORD v údajovej časti a hodnota LastHelp je tretí údaj DWORD v údajovej časti.

Error: (06/08/2016 06:20:27 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: Nepodarilo sa uvoľniť z pamäte reťazce počítadiel výkonu pre službu ASP.NET_1.1.4322 (ASP.NET_1.1.4322). Kód chyby
je prvý údaj DWORD v údajovej časti.

Error: (06/08/2016 06:20:27 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Hodnota reťazcov výkonu, ktoré sa nachádzajú v kľúči Performance databázy Registry je poškodená, keď
sa spracúva poskytovateľ rozšírených počítadiel Performance. Hodnota BaseIndex z kľúča Performance
databázy Registry je prvý údaj DWORD v údajovej časti, hodnota LastCounter value je druhý údaj
DWORD v údajovej časti a hodnota LastHelp je tretí údaj DWORD v údajovej časti.

Error: (06/08/2016 06:20:13 PM) (Source: System.EnterpriseServices) (EventID: 0) (User: )
Description: System.EnterpriseServices failed to install. Please fix the problem (see exception below) and run 'regasm System.EnterpriseServices.dll' again to install System.EnterpriseServices.

Exception:
'System.Runtime.InteropServices.COMException (0x8004E00F): Model COM+ nemohol nadviazať spojenie s koordinátorom Microsoft Distributed Transaction Coordinator.
at System.EnterpriseServices.Admin.ICatalog2.CurrentPartition(String bstrPartitionIDOrName)
at System.EnterpriseServices.RegistrationHelperTx.InstallUtilityApplication(Type t)'


System errors:
=============
Error: (06/08/2016 06:25:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba COM+ System Application sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/08/2016 06:25:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Machine Debug Manager sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát.

Error: (06/08/2016 06:23:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba COM+ System Application sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/08/2016 06:20:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Distributed Transaction Coordinator bola ukončená s chybou služby 3221229584 (0xC0001010).

Error: (06/08/2016 06:19:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
ntiowp

Error: (06/08/2016 06:14:01 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Distributed Transaction Coordinator bola ukončená s chybou služby 3221229584 (0xC0001010).

Error: (06/08/2016 06:12:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
ntiowp

Error: (06/08/2016 05:54:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát.

Error: (06/08/2016 05:24:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
ntiowp

Error: (06/08/2016 05:19:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
ntiowp


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 77%
Total physical RAM: 959.48 MB
Available physical RAM: 215.41 MB
Total Virtual: 2313.4 MB
Available Virtual: 1057.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.06 GB) (Free:16.82 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:109.98 GB) (Free:68.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 07260725)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================


EDIT: MBAM found 2 pieces of malware (screenshot attached) :(
Last edited by Windowsák on 08 Jun 2016 18:14, edited 1 time in total.


#3 Post by Windowsák »

Re 1: I noticed above that it says MS Windows XP Professional SP3, but it is the Unofficial SP4 - the system is legal, don't worry about that, it is just updated to this USP4. :)

Re 2: Those errors appeared after the update and the boot into the OS; they only show up after the first restart following the update to USP4. :) Everything is running fine so far. :)

Re 3: Hopefully it doesn't matter that an MBAM AV scan was also running during the FRST scan. :) :D

Re 4: Sorry for the spam :D :D


#4 Post by cernohous13 »

Hello,

1 - the advisers here watch the topics they are handling themselves, and then the topics with no replies
you replied to yourself, so you could have been overlooked

2 - have the MBAM detections removed/quarantined
then run a new scan and show me the log

3 - give me an RSIT log http://forum.viry.cz/viewtopic.php?f=30&t=130787
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure as described in it.
If anything is unclear, ask - I will explain.



#5 Post by Windowsák »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Andrej at 2016-06-09 15:11:13
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (42%) free of 40 GB
Total RAM: 959 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:11:27, on 9. 6. 2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.23765)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrej.JANO\My Documents\Downloads\SkypeSetup.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrej.JANO\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Andrej.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-117609710-1336601894-1801674531-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-117609710-1336601894-1801674531-1008\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\XPNetDiag.Exe
O9 - Extra 'Tools' menuitem: @C:\WINDOWS\system32\XPSP3RES.DLL,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\XPNetDiag.Exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1439483703
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

--
End of file - 7229 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\WGASetup.job - C:\WINDOWS\system32\KB905474\wgasetup.exe /autoauto

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Andrej.JANO\Application Data\Mozilla\Firefox\Profiles\ld92202i.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040]
"Description"=6.0.12.1040
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"DWPersistentQueuedReporting"=C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [2013-03-06 520424]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files\Epson Software\Event Manager\EEventManager.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX218 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE [2009-09-14 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
NvMCTray.dll,NvTaskbarInit -login []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-01-30 16116224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^PC1^Start Menu^Programs^Startup^GIGABYTE VGA Utility.lnk]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2014-11-15 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=C:\WINDOWS\system32\MSAPSSPC.DLL, C:\WINDOWS\system32\SCHANNEL.DLL, C:\WINDOWS\system32\DIGEST.DLL, C:\WINDOWS\system32\MSNSSPC.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Robesaimpi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"HonorAutoRunSetting"=1
"NoViewContextMenu"=0
"NoClose"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%SystemRoot%\Network Diagnostic\XPNetDiag.Exe"="%SystemRoot%\Network Diagnostic\XPNetDiag.Exe:LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP3Res.Dll,-20000"
"%SystemRoot%\System32\DMAdmin.Exe"="%SystemRoot%\System32\DMAdmin.Exe:LocalSubnet:Enabled:Logical Disk Manager service process"
"%SystemRoot%\System32\DMRemote.Exe"="%SystemRoot%\System32\DMRemote.Exe:LocalSubnet:Enabled:Logical Disk Manager component"
"%SystemRoot%\System32\FTP.Exe"="%SystemRoot%\System32\FTP.Exe:*:Enabled:Windows® FTP Client"
"%SystemRoot%\System32\MMC.Exe"="%SystemRoot%\System32\MMC.Exe:LocalSubNet:Enabled:Microsoft Management Console"
"%SystemRoot%\System32\SessMgr.Exe"="%SystemRoot%\System32\SessMgr.Exe:LocalSubnet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22019"
"%SystemRoot%\System32\TCPSvcS.Exe"="%SystemRoot%\System32\TCPSvcS.Exe:LocalSubNet:Enabled:Windows® TCP/IP Services Application"
"%SystemRoot%\System32\TFTPD.EXE"="%SystemRoot%\System32\TFTPD.EXE:LocalSubNet:Enabled:Windows® Trivial File Transfer Service"
"%SystemRoot%\System32\TlntSvr.Exe"="%SystemRoot%\System32\TlntSvr.Exe:LocalSubnet:Enabled:Windows® Telnet Service"
"%SystemRoot%\System32\WBEM\UnSecApp.Exe"="%SystemRoot%\System32\WBEM\UnSecApp.Exe:LocalSubNet:Enabled:Windows® Management Instrumentation"
"%ProgramFiles%\NetMeeting\Conf.Exe"="%ProgramFiles%\NetMeeting\Conf.Exe:LocalSubNet:Disabled:Windows® NetMeeting®"
"%SystemRoot%\System32\MNMSrvC.Exe"="%SystemRoot%\System32\MNMSrvC.Exe:LocalSubNet:Disabled:Windows® NetMeeting® Remote Desktop Sharing"
"%ProgramFiles%\Windows Media Player\MPlayer2.Exe"="%ProgramFiles%\Windows Media Player\MPlayer2.Exe:LocalSubnet:Enabled:Windows® Media Player"
"%ProgramFiles%\Windows Media Player\WMPlayer.Exe"="%ProgramFiles%\Windows Media Player\WMPlayer.Exe:LocalSubnet:Enabled:Windows® Media Player"
"%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpSvc.Exe"="%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpSvc.exe:LocalSubNet:Enabled:Offer Remote Assistance"
"%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.Exe"="%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe:LocalSubNet:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%SystemRoot%\Network Diagnostic\XPNetDiag.Exe"="%SystemRoot%\Network Diagnostic\XPNetDiag.Exe:LocalSubNet:Enabled:@%SystemRoot%\System32\XPSP3Res.Dll,-20000"
"%SystemRoot%\System32\DMAdmin.Exe"="%SystemRoot%\System32\DMAdmin.Exe:LocalSubnet:Enabled:Logical Disk Manager service process"
"%SystemRoot%\System32\DMRemote.Exe"="%SystemRoot%\System32\DMRemote.Exe:LocalSubnet:Enabled:Logical Disk Manager component"
"%SystemRoot%\System32\FTP.Exe"="%SystemRoot%\System32\FTP.Exe:*:Enabled:Windows® FTP Client"
"%SystemRoot%\System32\MMC.Exe"="%SystemRoot%\System32\MMC.Exe:LocalSubNet:Enabled:Microsoft Management Console"
"%SystemRoot%\System32\SessMgr.Exe"="%SystemRoot%\System32\SessMgr.Exe:LocalSubnet:Enabled:@%SystemRoot%\System32\XPSP2Res.Dll,-22019"
"%SystemRoot%\System32\TCPSvcS.Exe"="%SystemRoot%\System32\TCPSvcS.Exe:LocalSubNet:Enabled:Windows® TCP/IP Services Application"
"%SystemRoot%\System32\TFTPD.EXE"="%SystemRoot%\System32\TFTPD.EXE:LocalSubNet:Enabled:Windows® Trivial File Transfer Service"
"%SystemRoot%\System32\TlntSvr.Exe"="%SystemRoot%\System32\TlntSvr.Exe:LocalSubnet:Enabled:Windows® Telnet Service"
"%SystemRoot%\System32\WBEM\UnSecApp.Exe"="%SystemRoot%\System32\WBEM\UnSecApp.Exe:LocalSubNet:Enabled:Windows® Management Instrumentation"
"%ProgramFiles%\NetMeeting\Conf.Exe"="%ProgramFiles%\NetMeeting\Conf.Exe:LocalSubNet:Disabled:Windows® NetMeeting®"
"%SystemRoot%\System32\MNMSrvC.Exe"="%SystemRoot%\System32\MNMSrvC.Exe:LocalSubNet:Disabled:Windows® NetMeeting® Remote Desktop Sharing"
"%ProgramFiles%\Windows Media Player\MPlayer2.Exe"="%ProgramFiles%\Windows Media Player\MPlayer2.Exe:LocalSubnet:Enabled:Windows® Media Player"
"%ProgramFiles%\Windows Media Player\WMPlayer.Exe"="%ProgramFiles%\Windows Media Player\WMPlayer.Exe:LocalSubnet:Enabled:Windows® Media Player"
"%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpSvc.Exe"="%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpSvc.exe:LocalSubNet:Enabled:Offer Remote Assistance"
"%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.Exe"="%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe:LocalSubNet:Enabled:Remote Assistance - Windows Messenger and Voice"
"D:\Winamp\winamp.exe"="D:\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe"="C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe:*:Enabled:HTCSyncManager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.tscc"=tsccvid.dll

======File associations======

.cmd - open - C:\WINDOWS\system32\CMD.EXE /C Call "%L" %*
.scr - install - C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\DESK.CPL,InstallScreenSaver %L

======List of files/folders created in the last 1 month======

2016-06-09 15:11:13 ----D---- C:\rsit
2016-06-09 15:11:13 ----D---- C:\Program Files\trend micro
2016-06-09 15:01:42 ----D---- C:\AdwCleaner
2016-06-08 21:27:56 ----D---- C:\Documents and Settings\Andrej.JANO\Application Data\Promethean
2016-06-08 21:24:15 ----D---- C:\Program Files\Mozilla Firefox
2016-06-08 21:16:23 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2016-06-08 21:16:23 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2016-06-08 21:16:18 ----D---- C:\Documents and Settings\Andrej.JANO\Application Data\Winamp
2016-06-08 19:47:51 ----D---- C:\Program Files\IrfanView
2016-06-08 19:46:14 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-06-08 19:33:40 ----D---- C:\Documents and Settings\Andrej.JANO\Application Data\Adobe
2016-06-08 18:11:56 ----D---- C:\WINDOWS\Prefetch
2016-06-08 18:07:12 ----D---- C:\Program Files\Messenger
2016-06-08 18:07:08 ----N---- C:\WINDOWS\system32\winUsbCoinstaller.dll
2016-06-08 18:07:08 ----N---- C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-06-08 18:06:25 ----A---- C:\WINDOWS\000002_.tmp
2016-06-08 16:28:32 ----D---- C:\Documents and Settings\Andrej.JANO\Application Data\Mozilla
2016-06-08 16:28:11 ----D---- C:\Documents and Settings\Andrej.JANO\Application Data\Identities
2016-06-08 16:27:56 ----SD---- C:\Documents and Settings\Andrej.JANO\Application Data\Microsoft
2016-06-08 16:27:56 ----D---- C:\Documents and Settings\Andrej.JANO\Application Data\AVAST Software
2016-06-08 16:27:56 ----ASH---- C:\Documents and Settings\Andrej.JANO\Application Data\desktop.ini
2016-06-08 13:28:43 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2016-05-18 19:07:21 ----A---- C:\WINDOWS\system32\drivers\qcserxp.sys
2016-05-18 19:07:15 ----D---- C:\Program Files\Spirent Communications

======List of files/folders modified in the last 1 month======

2016-06-09 15:11:13 ----D---- C:\Program Files
2016-06-09 15:09:05 ----SHD---- C:\WINDOWS\Installer
2016-06-09 15:09:05 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2016-06-09 15:09:04 ----SHD---- C:\Config.Msi
2016-06-09 15:09:04 ----D---- C:\WINDOWS\system32
2016-06-09 15:09:03 ----RD---- C:\Program Files\Skype
2016-06-09 15:05:01 ----D---- C:\WINDOWS\Temp
2016-06-09 15:04:48 ----D---- C:\Documents and Settings
2016-06-09 15:03:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2016-06-09 15:03:00 ----SD---- C:\WINDOWS\Tasks
2016-06-09 15:03:00 ----D---- C:\WINDOWS
2016-06-09 14:57:55 ----D---- C:\Program Files\Common Files
2016-06-08 21:19:00 ----SH---- C:\boot.ini
2016-06-08 21:19:00 ----A---- C:\WINDOWS\win.ini
2016-06-08 21:19:00 ----A---- C:\WINDOWS\system.ini
2016-06-08 21:18:26 ----HD---- C:\WINDOWS\inf
2016-06-08 21:18:24 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2016-06-08 21:16:35 ----D---- C:\Program Files\Winamp
2016-06-08 19:48:27 ----AD---- C:\WINDOWS\system32\catroot2
2016-06-08 19:39:38 ----D---- C:\Program Files\Google
2016-06-08 19:37:25 ----AC---- C:\WINDOWS\cdplayer.ini
2016-06-08 19:26:45 ----D---- C:\WINDOWS\Debug
2016-06-08 19:17:44 ----D---- C:\WINDOWS\system32\drivers
2016-06-08 18:26:16 ----D---- C:\WINDOWS\Microsoft.NET
2016-06-08 18:25:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-08 18:25:54 ----RSD---- C:\WINDOWS\assembly
2016-06-08 18:25:49 ----D---- C:\WINDOWS\WinSxS
2016-06-08 18:25:28 ----D---- C:\WINDOWS\Registration
2016-06-08 18:15:54 ----D---- C:\WINDOWS\system32\inetsrv
2016-06-08 18:13:41 ----SHD---- C:\System Volume Information
2016-06-08 18:10:34 ----D---- C:\WINDOWS\security
2016-06-08 18:09:12 ----D---- C:\Program Files\Windows Media Player
2016-06-08 18:07:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2016-06-08 18:07:06 ----D---- C:\WINDOWS\Help
2016-06-08 18:07:05 ----D---- C:\WINDOWS\AppPatch
2016-06-08 18:07:04 ----D---- C:\WINDOWS\system32\CatRoot
2016-06-08 18:05:58 ----D---- C:\WINDOWS\system32\en-US
2016-06-08 16:35:01 ----SHD---- C:\RECYCLER
2016-06-08 16:29:15 ----D---- C:\WINDOWS\system32\appmgmt
2016-06-08 14:45:02 ----D---- C:\WINDOWS\Minidump
2016-06-08 14:06:38 ----D---- C:\Documents and Settings\All Users\Application Data\Package Cache
2016-06-04 21:16:48 ----D---- C:\Temp
2016-06-04 20:59:58 ----D---- C:\MagicPlusMini
2016-05-28 17:36:30 ----D---- C:\Program Files\Common Files\InstallShield
2016-05-28 17:35:45 ----HD---- C:\Program Files\InstallShield Installation Information
2016-05-23 18:22:42 ----RSD---- C:\WINDOWS\Fonts
2016-05-23 17:22:56 ----D---- C:\Program Files\Common Files\DESIGNER
2016-05-19 18:22:19 ----D---- C:\Documents and Settings\All Users\Application Data\HTC
2016-05-19 18:21:47 ----A---- C:\WINDOWS\system32\lMMLDeleteUserData42107612FX.tmp
2016-05-18 19:08:05 ----D---- C:\Program Files\HTC
2016-05-18 19:07:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-05-13 17:55:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-12 16:03:36 ----D---- C:\WINDOWS\system32\config
2016-05-12 16:03:15 ----D---- C:\WINDOWS\system32\wbem

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2010-04-08 168040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2011-03-04 45648]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2012-12-29 24184]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2014-11-15 91904]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-05-06 17005]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2014-11-15 62848]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-03-23 12653120]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-03-04 70912]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-03-04 13824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2014-11-15 9472]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S1 ntiowp;ntiowp; C:\WINDOWS\system32\drivers\ntiowp.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 awUSB;awUSB; C:\WINDOWS\system32\DRIVERS\USBDrv.sys [2015-08-20 13824]
S3 BULKUSB;USB Bulk Transfer Svc; C:\WINDOWS\System32\Drivers\BULKUSB.sys [2011-09-26 23000]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz134;cpuz134; \??\C:\DOCUME~1\ANDREJ~2\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2014-06-30 13528]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2014-01-23 25200]
S3 ggsomc;SOMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsomc.sys [2014-06-30 26328]
S3 hid8103;hid8103; C:\WINDOWS\system32\drivers\hid8103.sys []
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys []
S3 htcnprot;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2013-10-17 21248]
S3 ksapi;ksapi; \??\C:\WINDOWS\system32\drivers\ksapi.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 qcserxp;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\qcserxp.sys [2009-01-24 103424]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0017bus.sys []
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys []
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0017mdm.sys []
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys []
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\WINDOWS\system32\DRIVERS\s0017nd5.sys []
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0017obex.sys []
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\WINDOWS\system32\DRIVERS\s0017unic.sys []
S3 SciandroidU2S;Spreadtrum Anroid USB to Serial port driver for DL; C:\WINDOWS\system32\DRIVERS\SciU2S.sys []
S3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2014-11-15 12928]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbUDisc;usbUDisc; C:\WINDOWS\system32\DRIVERS\USBDrv.sys [2015-08-20 13824]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2015-11-10 122936]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2014-11-15 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2014-11-15 132224]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2014-11-15 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2014-11-15 14848]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-06-08 154440]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2014-11-15 69632]
S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2014-11-15 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-06-08 154440]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2014-11-15 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-08 146888]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2014-11-15 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-11-15 132096]

-----------------EOF-----------------

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Request for a preventive PC check

#6 Post by cernohous13 »

Why don't I see any antivirus there? :?:

:???: How did the new MBAM scan turn out?
Download OTM from one of the links and unpack it, preferably to the desktop.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Run the program "OTM.exe"
Into the window below the yellow line, paste the whole text in green lettering from the "Script"

Click the red "MoveIt!"

When offered a restart, choose "YES"
and you will then find the log in C:\_OTM\MovedFiles\ - post it here for me to check
OTM script

:Commands
[resethosts]
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\Documents and Settings\Andrej.JANO\Application Data\AVAST Software
C:\Documents and Settings\All Users\Application Data\Avira
C:\WINDOWS\000002_.tmp

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"=-
"DWPersistentQueuedReporting"=-
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

:Services
gupdate
gupdatem
nvUpdatusService

Recommendation:
During the treatment, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure according to it.
If anything is unclear, ask - I will explain.

-------------------------------------------------------------------------------------------------
> Forum support <

Windowsák
Visitor
Posts: 46
Registered: 05 Jun 2016 10:00

Re: Request for a preventive PC check

#7 Post by Windowsák »

MBAM log after the second scan:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 9. 6. 2016
Čas skenování: 15:22:36
Protokol: mbam log.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.06.09.03
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows XP Service Pack 3
CPU: x86
Souborový systém: NTFS
Uživatel: Andrej

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 733796
Uplynulý čas: 31 min, 5 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Windowsák
Visitor
Posts: 46
Registered: 05 Jun 2016 10:00

Re: Request for a preventive PC check

#8 Post by Windowsák »

OTM log:

All processes killed
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Andrej

User: Andrej.JANO
->Temp folder emptied: 13390378 bytes
->Temporary Internet Files folder emptied: 7730430 bytes
->FireFox cache emptied: 5861252 bytes
->Google Chrome cache emptied: 30024671 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33615 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1031052 bytes

User: PC1

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: TEMP.JANO
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP.JANO.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP.JANO.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP.JANO.002
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: TEMP.NT AUTHORITY.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: TEMP.NT AUTHORITY.002
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: TEMP.NT AUTHORITY.003
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TEMP.NT AUTHORITY.004
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: TEMP.NT AUTHORITY.005
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 15835392 bytes
%systemroot%\System32 .tmp files removed: 5 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16852 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 903156339 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1480931 bytes

Total Files Cleaned = 934,00 mb


[EMPTYFLASH]

User: All Users

User: Andrej

User: Andrej.JANO

User: Default User

User: LocalService

User: NetworkService

User: PC1

User: TEMP

User: TEMP.JANO

User: TEMP.JANO.000

User: TEMP.JANO.001

User: TEMP.JANO.002

User: TEMP.NT AUTHORITY

User: TEMP.NT AUTHORITY.000

User: TEMP.NT AUTHORITY.001

User: TEMP.NT AUTHORITY.002

User: TEMP.NT AUTHORITY.003

User: TEMP.NT AUTHORITY.004

User: TEMP.NT AUTHORITY.005

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Andrej

User: Andrej.JANO

User: Default User

User: LocalService

User: NetworkService

User: PC1

User: TEMP

User: TEMP.JANO

User: TEMP.JANO.000

User: TEMP.JANO.001

User: TEMP.JANO.002

User: TEMP.NT AUTHORITY

User: TEMP.NT AUTHORITY.000

User: TEMP.NT AUTHORITY.001

User: TEMP.NT AUTHORITY.002

User: TEMP.NT AUTHORITY.003

User: TEMP.NT AUTHORITY.004

User: TEMP.NT AUTHORITY.005

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1040.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1083.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP112C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11BE.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13B3.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP180.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP294.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP30A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP34E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP39B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP39E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A3.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP42E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP44B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP457.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP459.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP45B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP493.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4C6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F3.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E3.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6B6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7E3.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP802.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP825.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP898.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB22.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB38.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC3F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD36.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF6.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI12.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI13.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI14.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI15.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI16.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI4E.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI51.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI54.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI55.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI57.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI58.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI59.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI5A.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI5B.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI5D.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI5F.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI60.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI61.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI62.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI63.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI64.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI6C.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI6D.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI6E.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI6F.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI71.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI84.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI85.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI88.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI89.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI8A.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI8B.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI8C.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI8.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI91.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI92.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI93.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI94.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI94.tmp-0 folder moved successfully.
C:\WINDOWS\Installer\MSI95.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI96.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI97.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI99.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI99.tmp-0 folder moved successfully.
C:\WINDOWS\Installer\MSI9A.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI9B.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI9B.tmp-0 folder moved successfully.
C:\WINDOWS\Installer\MSI9C.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI9C.tmp-0 folder moved successfully.
C:\WINDOWS\Installer\MSI9D.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSI9D.tmp-0 folder moved successfully.
C:\WINDOWS\Installer\MSI9E.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIA2.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIA3.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIA5.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIA6.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIA8.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIA9.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIAA.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIAB.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIAD.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIB.tmp- folder moved successfully.
C:\WINDOWS\Installer\MSIF.tmp- folder moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job moved successfully.
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job moved successfully.
C:\Documents and Settings\Andrej.JANO\Application Data\AVAST Software\Avast folder moved successfully.
C:\Documents and Settings\Andrej.JANO\Application Data\AVAST Software folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Avira folder moved successfully.
File/Folder C:\WINDOWS\000002_.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DWPersistentQueuedReporting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service nvUpdatusService stopped successfully!
Service nvUpdatusService deleted successfully!

OTM by OldTimer - Version 3.1.21.0 log created on 06092016_160113

Windowsák
Visitor
Posts: 46
Registered: 05 Jun 2016 10:00

Re: Request for a preventive PC check

#9 Post by Windowsák »

Great (not meant ironically :) :D ), about half of the startup programs disappeared (I mean the non-activated ones, I didn't know how I was supposed to delete them from msconfig :D ) after the scan with that OTM. :)

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Request for a preventive PC check

#10 Post by cernohous13 »

:arrow: Run OTM again -> CleanUp! - it will uninstall itself and clean up after itself.

:arrow: I can recommend a check and cleanup with Ccleaner
Download Ccleaner - http://www.filehippo.com/download_ccleaner
During installation, untick the box for installing various toolbars

close the Internet browser and
run "Cleaner" > "Run Ccleaner" - it removes what is not needed
run "Registry" > "Scan for issues" > "Fix selected issues"
agree to the registry backup - repeat until the registry is clean.
run "Tools" > "Startup" - here you can try disabling processes you don't need at startup (if something then stops working, you re-enable them the same way)
Guide: http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx
You can keep it for occasional cleaning in the future as well.

:???: you didn't answer my question about the antivirus

:arrow: programs that don't start automatically can be started manually when needed - otherwise they only slow down OS startup

Windowsák
Visitor
Posts: 46
Registered: 05 Jun 2016 10:00

Re: Request for a preventive PC check

#11 Post by Windowsák »

I'm not that much of a noob :D I check the PC with Ccleaner about once every 2 weeks, but I don't keep Ccleaner installed all the time - installation takes a moment. :)

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Request for a preventive PC check

#12 Post by cernohous13 »

What state is the PC in - any remaining problem?

and if you intend to run without an AV, that's your choice :(

Windowsák
Visitor
Posts: 46
Registered: 05 Jun 2016 10:00

Re: Request for a preventive PC check

#13 Post by Windowsák »

No, there's no problem anymore. I don't have an AV because I'm currently deciding between ESET and Avast; until now I had Avast, but I'm tempted to try ESET. The AV will be installed soon, no stress. :idea:

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Request for a preventive PC check

#14 Post by cernohous13 »

If you decide on Eset/Nod, you can try it out and then buy it
definitely without a crack - that would be a pretty big stupidity :evil:
