VIRY.CZ

Zde je log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-12-2013
Ran by Ivan at 2013-12-02 22:23:53 Run:1
Running from C:\Documents and Settings\Ivan\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
MountPoints2: {5c4830c1-a02e-11e1-8a0d-0025225c5197} - G:\VW100_Modem_Installation.exe
MountPoints2: {f2ce0c40-3d4a-11e2-bfa4-0025225c5197} - G:\LaunchU3.exe -a
HKU\Lubinak\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Lubinak\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2007-05-16] (Nero AG)

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S2 ekrn; "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [x]
S3 AmdLLD; system32\DRIVERS\AmdLLD.sys [x]
S1 ehdrv; system32\DRIVERS\ehdrv.sys [x]
U5 Epfwndis; C:\Windows\System32\Drivers\Epfwndis.sys [33096 2009-02-06] (ESET)
S4 IntelIde; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [x]
U1 WS2IFSL;
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

2013-12-02 20:57 - 2013-12-02 20:57 - 00029696 _____ C:\Documents and Settings\Ivan\Local Settings\Data aplikací\MSGBOX.EXE
2013-12-02 20:57 - 2013-12-02 20:57 - 00015327 _____ C:\Documents and Settings\Ivan\Plocha\LM.bat
2013-12-02 20:55 - 2013-12-02 20:55 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Ivan\Plocha\FRSTLauncher.exe
2013-12-02 20:55 - 2013-03-09 14:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Avira
C:\Documents and Settings\Ivan\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Ivan\Local Settings\Temp\tbBit0.dll
C:\Documents and Settings\Ivan\Local Settings\Temp\uninst1.exe
C:\Documents and Settings\Lubinak\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Lubinak\Local Settings\Temp\setup.exe
2013-12-02 22:01 - 2013-12-02 22:01 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Ivan\Plocha\FRSTLauncher (1).exe
2013-12-02 22:01 - 2013-12-02 22:01 - 00112107 _____ (forum.viry.cz) C:\Documents and Settings\Ivan\Plocha\VerzeOS.exe

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:D0757AAB

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c4830c1-a02e-11e1-8a0d-0025225c5197} => Key deleted successfully.
HKCR\CLSID\{5c4830c1-a02e-11e1-8a0d-0025225c5197} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f2ce0c40-3d4a-11e2-bfa4-0025225c5197} => Key deleted successfully.
HKCR\CLSID\{f2ce0c40-3d4a-11e2-bfa4-0025225c5197} => Key not found.
HKU\Lubinak\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\Lubinak\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
ekrn => Service deleted successfully.
AmdLLD => Service deleted successfully.
ehdrv => Service deleted successfully.
Epfwndis => Service deleted successfully.
IntelIde => Service deleted successfully.
massfilter => Service deleted successfully.
RTL8192su => Service deleted successfully.
WS2IFSL => Service deleted successfully.
ZTEusbnet => Service deleted successfully.
ZTEusbnmea => Service deleted successfully.
ZTEusbser6k => Service deleted successfully.
"C:\Documents and Settings\Ivan\Local Settings\Data aplikací\MSGBOX.EXE" => File/Directory not found.
"C:\Documents and Settings\Ivan\Plocha\LM.bat" => File/Directory not found.
C:\Documents and Settings\Ivan\Plocha\FRSTLauncher.exe => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Avira => Moved successfully.
"C:\Documents and Settings\Ivan\Local Settings\Temp\avgnt.exe" => File/Directory not found.
C:\Documents and Settings\Ivan\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\Ivan\Local Settings\Temp\tbBit0.dll => Moved successfully.
C:\Documents and Settings\Ivan\Local Settings\Temp\uninst1.exe => Moved successfully.
C:\Documents and Settings\Lubinak\Local Settings\Temp\avgnt.exe => Moved successfully.
C:\Documents and Settings\Lubinak\Local Settings\Temp\setup.exe => Moved successfully.
"C:\Documents and Settings\Ivan\Plocha\FRSTLauncher (1).exe" => File/Directory not found.
"C:\Documents and Settings\Ivan\Plocha\VerzeOS.exe" => File/Directory not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":D0757AAB" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Dobře tedy, já vám moc děkuji za vaši odbornou pomoc a za váš čas . Zde pro jistotu dokládám log z rsitu a čistky ze všech programů jsem provedl. Ještě jednou díky moc!

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ivan at 2013-12-02 22:49:42
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 20 GB (29%) free of 70 GB
Total RAM: 2047 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:49:51, on 2.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ivan\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Ivan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1290755859
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6806 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-09-03 68480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-02 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-02 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-06 102400]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-12-03 33718272]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-02 3568312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
F:\Ivan\Kraviny\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2013-05-15 2255184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-04-19 18678376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
C:\ADVANC~1\wh_exec.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamePark klient 2.lnk]
C:\PROGRA~1\GAMEPA~1\gpcl.exe [2011-07-29 409088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ivan^Nabídka Start^Programy^Po spuštění^PowerReg Scheduler V3.exe]
C:\Documents and Settings\Ivan\Nabídka Start\Programy\Po spuštění\PowerReg Scheduler V3.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SkypeUpdate"=2
"ose"=3
"Hamachi2Svc"=2
"gusvc"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-04-07 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"F:\Ivan\dddddddddddd\Launcher.exe"="F:\Ivan\dddddddddddd\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit"
"F:\Ivan\dddddddddddd\NFS11.exe"="F:\Ivan\dddddddddddd\NFS11.exe:*:Disabled:Need for Speed(TM) Hot Pursuit Application"
"F:\Ivan\TDU2\UpLauncher.exe"="F:\Ivan\TDU2\UpLauncher.exe:*:Enabled:UpLauncher"
"F:\Ivan\TDU2\_UpLauncher.exe"="F:\Ivan\TDU2\_UpLauncher.exe:*:Enabled:UpLauncher"
"F:\Ivan\TDU2\TestDrive2.exe"="F:\Ivan\TDU2\TestDrive2.exe:*:Enabled:Test Drive Unlimited 2"
"C:\Program Files\Ubisoft\H5 tribes of the east\bina2\bin\H5_Game.exe"="C:\Program Files\Ubisoft\H5 tribes of the east\bina2\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V- Tribes of the East"
"C:\Program Files\Codemasters\F1 2010\F1_2010_game.exe"="C:\Program Files\Codemasters\F1 2010\F1_2010_game.exe:*:Disabled:F1 2010 Executable"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\Ivan\Hry\WarThunder\launcher.exe"="F:\Ivan\Hry\WarThunder\launcher.exe:*:Enabled:War Thunder launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.lhacm"=lhacm.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-12-02 22:49:42 ----D---- C:\rsit
2013-12-02 21:22:09 ----D---- C:\Documents and Settings\Ivan\Data aplikací\AVAST Software
2013-12-02 21:21:43 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-12-02 21:21:43 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-12-02 21:21:43 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-12-02 21:21:43 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-12-02 21:21:43 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-12-02 21:21:43 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-12-02 21:21:43 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-12-02 21:21:42 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-12-02 21:21:42 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-12-02 21:21:25 ----D---- C:\Program Files\AVAST Software
2013-12-02 16:31:07 ----D---- C:\WINDOWS\ERUNT
2013-12-02 16:28:58 ----A---- C:\WINDOWS\system32\javaws.exe
2013-12-02 16:28:53 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-12-02 16:28:53 ----A---- C:\WINDOWS\system32\javaw.exe
2013-12-02 16:28:53 ----A---- C:\WINDOWS\system32\java.exe
2013-12-02 16:13:37 ----D---- C:\Program Files\trend micro
2013-11-23 03:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-23 03:03:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-23 03:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-23 03:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-11-03 13:21:31 ----D---- C:\Program Files\SupportAppCB

======List of files/folders modified in the last 1 month======

2013-12-02 22:49:51 ----D---- C:\WINDOWS\Prefetch
2013-12-02 22:49:18 ----D---- C:\WINDOWS
2013-12-02 22:47:34 ----D---- C:\WINDOWS\Temp
2013-12-02 22:46:31 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-12-02 22:46:16 ----D---- C:\WINDOWS\system32
2013-12-02 22:43:42 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-02 22:37:17 ----SHD---- C:\System Volume Information
2013-12-02 22:37:17 ----D---- C:\WINDOWS\system32\Restore
2013-12-02 22:25:45 ----D---- C:\WINDOWS\system32\config
2013-12-02 22:23:54 ----SD---- C:\WINDOWS\Tasks
2013-12-02 22:23:54 ----D---- C:\WINDOWS\system32\drivers\etc
2013-12-02 21:21:43 ----D---- C:\WINDOWS\system32\drivers
2013-12-02 21:21:42 ----D---- C:\WINDOWS\WinSxS
2013-12-02 21:21:25 ----RD---- C:\Program Files
2013-12-02 21:21:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-12-02 16:29:00 ----SHD---- C:\WINDOWS\Installer
2013-12-02 16:28:53 ----D---- C:\Program Files\Java
2013-12-02 16:27:25 ----HD---- C:\Program Files\InstallShield Installation Information
2013-12-02 16:27:09 ----HD---- C:\WINDOWS\inf
2013-12-02 16:27:08 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-02 16:22:01 ----D---- C:\Program Files\Google
2013-12-02 16:20:42 ----ASH---- C:\boot.ini
2013-12-02 16:20:42 ----AC---- C:\WINDOWS\win.ini
2013-12-02 16:20:42 ----AC---- C:\WINDOWS\system.ini
2013-12-02 16:19:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2013-12-02 16:18:46 ----D---- C:\WINDOWS\pss
2013-12-02 16:15:18 ----D---- C:\Documents and Settings\Ivan\Data aplikací\Media Player Classic
2013-12-02 16:13:34 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-12-02 16:13:34 ----D---- C:\Program Files\Microsoft
2013-12-02 16:12:34 ----D---- C:\Program Files\BitTorrent
2013-12-02 16:12:06 ----D---- C:\Program Files\CCleaner
2013-12-02 06:22:13 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2013-12-01 12:53:34 ----AC---- C:\WINDOWS\NeroDigital.ini
2013-11-23 19:22:44 ----D---- C:\WINDOWS\Logs
2013-11-23 19:22:44 ----D---- C:\WINDOWS\Debug
2013-11-23 03:03:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-11-23 03:02:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-11-23 03:02:35 ----D---- C:\Program Files\Internet Explorer
2013-11-23 03:02:29 ----D---- C:\WINDOWS\ie8updates
2013-11-23 03:02:15 ----D---- C:\WINDOWS\system32\MRT
2013-11-23 03:00:16 ----AC---- C:\WINDOWS\system32\MRT.exe
2013-11-03 13:26:04 ----SD---- C:\Documents and Settings\Ivan\Data aplikací\Microsoft
2013-11-03 13:21:40 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-12-02 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-12-02 178304]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2013-04-22 466008]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2013-07-22 242240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2013-02-19 21361]
R2 aswFsBlk;aswFsBlk; \??\C:\WINDOWS\system32\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-04-07 4687872]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-11-19 95232]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-25 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-25 22016]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-11-25 1617408]
S3 am3xp3kf;am3xp3kf; C:\WINDOWS\system32\drivers\am3xp3kf.sys []
S3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2009-06-26 1656960]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2012-06-04 80824]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2008-12-02 1389056]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2012-06-04 181432]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\WINDOWS\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-04-07 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-02 50344]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-08 182696]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-03-26 76888]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2013-12-02 214520]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-06 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-06 135664]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2013-05-15 1435984]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]

-----------------EOF-----------------

Otevrete si poznamkovy blok

• Start->spustit->notepad
• Vlozte text nize

• Kód: Vybrat vše

  Windows Registry Editor Version 5.00
  
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamePark klient 2.lnk]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ivan^Nabídka Start^Programy^Po spuštění^PowerReg Scheduler V3.exe]
  

• Soubor ulozte jako oprava.reg
• Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
• 
• Zavrit notepad a spustit dvojklikem oprava.reg
• Pripadny dotaz na zmenu registru potvrdte
• Okno jen problikne a opravi regsitry - soubor muzete smazat

Jinak OK