Zpomalení - preventivka

[Ondra16]

Dobrý den, v poslední době mi přijde počítač docela pomalý. Ccleaner ani další čističe nic výrazného neudělali, defragmentace taky moc nepomohla. Tak se chci ujistit, jestli není chyba někde jinde. Předem děkuji a přikládám log z Rsitu.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Sobolovi at 2011-10-26 23:07:04
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 401 GB (56%) free of 715 GB
Total RAM: 2814 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:07:12, on 26.10.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Sobolovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\taskeng.exe
C:\Ondra\Staženo\RSIT.exe
C:\Program Files\trend micro\Sobolovi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.volny.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sobolovi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9348 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-832894828-2003885280-3080844110-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-832894828-2003885280-3080844110-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Sobolovi\AppData\Roaming\Mozilla\Firefox\Profiles\m80pbj08.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.csfd.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, personas@christopher.beard:1.6.2, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, linkalert.conlan@addons.mozilla.com:1.0.2, bkmrksync@nokia.com:1.0.0.732, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, wrc@avast.com:20110101, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Petr\Nokia PC Suite 7\bkmrksync\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Sobolovi\AppData\Roaming\Mozilla\Firefox\Profiles\m80pbj08.default\extensions\
linkalert.conlan@addons.mozilla.com
personas@christopher.beard
plugin2@gameplaylabs.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{20a82645-c095-46ed-80e3-08825760534b}

C:\Users\Sobolovi\AppData\Roaming\Mozilla\Firefox\Profiles\m80pbj08.default\searchplugins\
daemon-search.xml
sfd.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-19 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-09-09 6281760]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-09-06 3722416]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"Google Update"=C:\Users\Sobolovi\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-06 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Petr\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"vidc.yvu9"=iyvu9_32.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=AC3ACM.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"Msacm.l3codec"=L3codecp.acm
"VIDC.WMV3"=wmv9vcm.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.mjpg"=pvmjpg30.dll
"msacm.divxa32"=msaud32_divx.acm
"VIDC.IV41"=ir41_32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-10-26 23:07:04 ----D---- C:\rsit
2011-10-26 23:05:36 ----D---- C:\Users\Sobolovi\AppData\Roaming\GlarySoft
2011-10-26 22:55:32 ----A---- C:\Windows\isRS-000.tmp
2011-10-26 22:50:04 ----D---- C:\Program Files\Glary Utilities
2011-10-26 13:20:25 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-10-26 12:19:23 ----D---- C:\ProgramData\eSellerate
2011-10-26 12:19:22 ----D---- C:\ProgramData\SmartSound Software Inc
2011-10-26 12:19:18 ----D---- C:\Program Files\SmartSound Software
2011-10-26 12:18:31 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-10-13 17:13:18 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-13 17:13:18 ----A---- C:\Windows\system32\iertutil.dll
2011-10-13 17:13:17 ----A---- C:\Windows\system32\wininet.dll
2011-10-13 17:13:17 ----A---- C:\Windows\system32\jscript.dll
2011-10-13 17:13:17 ----A---- C:\Windows\system32\ieui.dll
2011-10-13 17:13:16 ----A---- C:\Windows\system32\urlmon.dll
2011-10-13 17:13:16 ----A---- C:\Windows\system32\url.dll
2011-10-13 17:13:16 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-13 17:13:16 ----A---- C:\Windows\system32\jscript9.dll
2011-10-13 17:13:15 ----A---- C:\Windows\system32\ieframe.dll
2011-10-13 17:13:14 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 15:52:21 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 15:52:20 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 15:52:11 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-12 15:52:11 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 15:52:10 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-12 15:52:10 ----A---- C:\Windows\system32\oleaccrc.dll
2011-10-09 12:52:05 ----A---- C:\Windows\system32\pncrt.dll
2011-10-09 12:52:04 ----RASH---- C:\Windows\system32\TAKDSDecoder.dll
2011-10-01 14:52:28 ----A---- C:\Users\Sobolovi\AppData\Roaming\glide_wrapper.zbag.ini
2011-09-28 14:37:03 ----D---- C:\Program Files\QuickTime
2011-09-28 14:37:02 ----D---- C:\ProgramData\Apple Computer
2011-09-28 14:32:24 ----D---- C:\Program Files\Apple Software Update

======List of files/folders modified in the last 1 month======

2011-10-26 23:07:12 ----D---- C:\Windows\Prefetch
2011-10-26 23:07:07 ----D---- C:\Windows\Temp
2011-10-26 23:07:07 ----D---- C:\Program Files\trend micro
2011-10-26 22:58:20 ----D---- C:\Windows
2011-10-26 22:55:34 ----D---- C:\Windows\Tasks
2011-10-26 22:52:59 ----D---- C:\Users\Sobolovi\AppData\Roaming\Skype
2011-10-26 22:52:53 ----D---- C:\Program Files
2011-10-26 22:52:24 ----SHD---- C:\System Volume Information
2011-10-26 22:50:11 ----D---- C:\Windows\system32\Tasks
2011-10-26 22:37:52 ----D---- C:\Ondra
2011-10-26 20:41:47 ----D---- C:\Users\Sobolovi\AppData\Roaming\Mozilla
2011-10-26 17:46:30 ----D---- C:\Users\Sobolovi\AppData\Roaming\uTorrent
2011-10-26 13:43:09 ----D---- C:\ProgramData\Adobe
2011-10-26 13:22:29 ----D---- C:\Users\Sobolovi\AppData\Roaming\Adobe
2011-10-26 13:20:25 ----D---- C:\ProgramData
2011-10-26 12:20:27 ----D---- C:\Program Files\InstallShield Installation Information
2011-10-26 12:20:07 ----SHD---- C:\Windows\Installer
2011-10-26 12:19:24 ----D---- C:\Windows\System32
2011-10-26 12:18:39 ----D---- C:\Program Files\Common Files\Adobe
2011-10-26 12:18:34 ----D---- C:\Program Files\Adobe
2011-10-26 12:18:31 ----D---- C:\Program Files\Common Files
2011-10-26 12:05:31 ----RSD---- C:\Windows\Fonts
2011-10-26 12:03:43 ----D---- C:\Windows\winsxs
2011-10-26 12:03:27 ----D---- C:\Windows\system32\catroot
2011-10-26 12:02:03 ----D---- C:\Windows\system32\drivers
2011-10-26 12:02:03 ----D---- C:\Windows\inf
2011-10-26 12:02:03 ----D---- C:\Program Files\Common Files\PX Storage Engine
2011-10-26 11:58:26 ----D---- C:\Windows\system32\drivers\etc
2011-10-26 11:54:19 ----D---- C:\Users\Sobolovi\AppData\Roaming\Microsoft
2011-10-26 10:57:16 ----D---- C:\Windows\system32\spool
2011-10-26 10:56:45 ----D---- C:\Program Files\Google
2011-10-26 10:56:38 ----D---- C:\Windows\Debug
2011-10-26 10:53:04 ----D---- C:\Users\Sobolovi\AppData\Roaming\DAEMON Tools Lite
2011-10-26 10:14:21 ----D---- C:\Users\Sobolovi\AppData\Roaming\Winamp
2011-10-26 10:12:19 ----D---- C:\Windows\WindowsMobile
2011-10-26 10:12:18 ----D---- C:\Windows\system32\winevt
2011-10-26 10:12:18 ----D---- C:\Windows\system32\sysprep
2011-10-26 10:12:17 ----D---- C:\Windows\system32\SMI
2011-10-26 10:12:17 ----D---- C:\Windows\system32\setup
2011-10-26 10:12:17 ----D---- C:\Windows\system32\oobe
2011-10-26 10:12:16 ----D---- C:\Windows\system32\MUI
2011-10-26 10:12:03 ----D---- C:\Windows\system32\drivers\UMDF
2011-10-26 10:12:02 ----D---- C:\Windows\system32\config
2011-10-26 10:12:02 ----D---- C:\Windows\system32\com
2011-10-26 10:12:00 ----D---- C:\Windows\SoftwareDistribution
2011-10-26 10:11:54 ----D---- C:\Windows\security
2011-10-26 10:11:54 ----D---- C:\Windows\registration
2011-10-26 10:11:54 ----D---- C:\Windows\PLA
2011-10-26 10:11:53 ----D---- C:\Windows\Panther
2011-10-26 10:11:53 ----D---- C:\Windows\MSAgent
2011-10-26 10:11:52 ----D---- C:\Windows\Microsoft.NET
2011-10-26 10:11:50 ----D---- C:\Windows\IME
2011-10-26 10:11:50 ----D---- C:\Windows\Help
2011-10-26 10:11:49 ----RSD---- C:\Windows\assembly
2011-10-26 10:11:49 ----D---- C:\Windows\DigitalLocker
2011-10-26 10:11:45 ----D---- C:\Windows\AppPatch
2011-10-26 10:11:38 ----D---- C:\Users\Sobolovi\AppData\Roaming\Nokia
2011-10-26 10:11:38 ----D---- C:\Users\Sobolovi\AppData\Roaming\Logitech
2011-10-26 10:11:38 ----D---- C:\Users\Sobolovi\AppData\Roaming\Logishrd
2011-10-26 10:11:38 ----D---- C:\Users\Sobolovi\AppData\Roaming\Hamachi
2011-10-26 10:11:37 ----D---- C:\Users\Sobolovi\AppData\Roaming\dvdcss
2011-10-26 10:11:37 ----D---- C:\Users\Sobolovi\AppData\Roaming\avidemux
2011-10-26 10:11:37 ----D---- C:\Users\Sobolovi\AppData\Roaming\Audacity
2011-10-26 10:11:07 ----D---- C:\ProgramData\PC Suite
2011-10-26 10:11:06 ----D---- C:\ProgramData\Microsoft
2011-10-26 10:11:06 ----D---- C:\ProgramData\Logishrd
2011-10-26 10:11:04 ----D---- C:\ProgramData\FitLinie
2011-10-26 10:11:03 ----D---- C:\Program Files\Windows Media Player
2011-10-26 10:10:52 ----D---- C:\Program Files\Mozilla Firefox
2011-10-26 10:10:51 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-10-26 10:10:44 ----D---- C:\Program Files\eMule
2011-10-26 10:10:43 ----D---- C:\Program Files\Common Files\System
2011-10-26 10:10:42 ----D---- C:\Program Files\Common Files\microsoft shared
2011-10-26 10:01:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-21 18:14:35 ----D---- C:\ProgramData\CanonIJPLM
2011-10-14 21:57:17 ----D---- C:\ProgramData\Microsoft Help
2011-10-14 21:41:23 ----D---- C:\Hry
2011-10-14 17:46:21 ----RD---- C:\Program Files\Skype
2011-10-14 16:48:55 ----D---- C:\Windows\system32\catroot2
2011-10-13 17:50:26 ----D---- C:\Windows\rescache
2011-10-13 17:32:48 ----D---- C:\Program Files\Microsoft Silverlight
2011-10-13 17:31:33 ----D---- C:\Windows\system32\migration
2011-10-13 17:31:33 ----D---- C:\Windows\system32\cs-CZ
2011-10-13 17:31:33 ----D---- C:\Program Files\Windows Mail
2011-10-13 17:31:33 ----D---- C:\Program Files\Internet Explorer
2011-10-13 17:13:40 ----A---- C:\Windows\system32\mrt.exe
2011-10-10 22:51:33 ----D---- C:\Program Files\SUPER
2011-10-09 19:01:14 ----D---- C:\Program Files\Ashampoo Burning Studio 6 FREE
2011-10-05 14:34:20 ----D---- C:\Program Files\Winamp
2011-10-05 14:33:47 ----D---- C:\Program Files\Winamp Detect
2011-10-01 17:15:18 ----D---- C:\Program Files\Defraggler

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-23 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 nltdi;nltdi; \??\C:\Windows\system32\drivers\nltdi.sys [2007-04-23 81688]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-10-26 16608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-09 2167128]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2010-08-24 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2010-08-24 10448]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-07-08 1050656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-09-24 45600]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 11008040]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-25 15872]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 aj1m24l5;aj1m24l5; C:\Windows\system32\drivers\aj1m24l5.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-09-06 44768]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-08-08 80392]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe [2007-04-23 491520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-30 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2011-01-31 214520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-17 135664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-17 135664]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

[Mc_Murphy]

Zdravím.

Dej mi minutku, hnedle se na to mrknu.

[Mc_Murphy]

Log vypadá na havěť čistý.

Fixni v HJT tyto položky:

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sobolovi\AppData\Local\Google\Update\GoogleUpdate.exe" /c

"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Program Files\trend micro\Sobolovi.exe

Dále stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
  http://oldtimer.geekstogo.com/OTM.com
  http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script:

Kód: Vybrat vše

:Services
AdobeARMservice
gupdate
gupdatem
gusvc

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]

:Files
%windir%\*.tmp /s
%windir%\system32\SET*.tmp /s
%windir%\system32\*.tmp.dll /s
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-832894828-2003885280-3080844110-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-832894828-2003885280-3080844110-1000UA.job
C:\Users\Sobolovi\AppData\Roaming\Mozilla\Firefox\Profiles\m80pbj08.default\searchplugins\daemon-search.xml

:Commands
[Purity]
[ResetHosts]
[EmptyTemp]
[EmptyFlash]
[ClearAllRestorePoints]

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

A pro jistotu proveď scan s MBAM:

Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

• Proveď aktualizaci virové databáze.
• V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
• Předem nic nemaž!!
• MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

[Ondra16]

V Hijack jsem vše fixnul podle doporučení a log z OTM mám zde. Ještě provádím test MBAMem, jakmile budou výsledky, tak je sem hned dám. Ještě jednou děkuji za pomoc.


All processes killed
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray\ deleted successfully.
========== FILES ==========
C:\Windows\Installer\MSI31EB.tmp moved successfully.
C:\Windows\Installer\MSICF3D.tmp moved successfully.
C:\Windows\Installer\MSIE33D.tmp moved successfully.
C:\Windows\Temp\sig1D02.tmp moved successfully.
C:\Windows\Temp\sig4605.tmp moved successfully.
C:\Windows\Temp\sigE58E.tmp moved successfully.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll moved successfully.
C:\Windows\tasks\GlaryInitialize.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-832894828-2003885280-3080844110-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-832894828-2003885280-3080844110-1000UA.job moved successfully.
C:\Users\Sobolovi\AppData\Roaming\Mozilla\Firefox\Profiles\m80pbj08.default\searchplugins\daemon-search.xml moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Sobolovi
->Temp folder emptied: 969621 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21245498 bytes
->Google Chrome cache emptied: 92812049 bytes
->Flash cache emptied: 2673 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 666 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 110,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Sobolovi
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point

OTM by OldTimer - Version 3.1.19.0 log created on 10272011_091739

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Mc_Murphy]

V Hijack jsem vše fixnul podle doporučení a log z OTM mám zde. Ještě provádím test MBAMem, jakmile budou výsledky, tak je sem hned dám. Ještě jednou děkuji za pomoc.

Super, počkám si.

[Ondra16]

MBAM log:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verze databáze: 8028

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

27.10.2011 16:45:00
mbam-log-2011-10-27 (16-44-50).txt

Typ: Úplná kontrola (C:\|K:\|)
Kontrolované objekty: 365591
Uplynulý čas: 1 hodin, 9 minut, 6 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Ondra\instalace\Winamp\winamp5582975.exe (Trojan.Backdoor) -> No action taken.
c:\program files\irfanview\languages\Czech1.dll (Trojan.ModifiedUPX) -> No action taken.
c:\Radana\Radana\doučování aj\Crack\Crack.exe (Trojan.Dropper) -> No action taken.

[Mc_Murphy]

Takže OTM provedlo co mělo.
U MBAMu smaž třetí položku c:\Radana\Radana\doučování aj\Crack\Crack.exe (Trojan.Dropper) a nezapomeň, že cracky jsou nejlepším způsobem, jak si zavirovat PC! O autorských právech ani nemluvě, že?!
První dva nálezy jsou planý poplach. Cítíš-li se nejistý, smaž je klidně také.

Jak je na tom počítač?

[Ondra16]

Je to o něco rychlejší, děkuji. Chtěl jsem se ujistit, že to není něco horšího. Oba disky už mám docela plné a taky už je to delší čas, co jsem naposledy přeinstalovával Windows, takže se asi nějakého výrazného zrychlení nedočkám. Každopádně moc děkuji za pomoc. Ještě nechám PC projet scandiskem.

[Mc_Murphy]

Jasný. Jestli jsou disky plnější, jistě budou pomalejší.

K rychlejšímu běhu bych ještě doporučoval pravidelnou defragmentaci (tu provádíš, jak píšeš), doporučoval bych program Defraggler (taky máš, jak tak koukám ).
Hlídej Plochu - velké soubory zbůsobují značné zpomalení chodu počítače. Celková velikost Plochy by neměla přesáhnout +/- 300 MB.
Systém by měl mít na systémovém disku (u Tebe C:\) alespoň 10 GB volného místa, jinak se "dusí".
Scandisk může také něco ukázat a opravit.


Tak ještě dočistíme...

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stáhni a spusť.
• Klikni na CleanUp a potvrď YES.
• Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

[Ondra16]

Děkuji za pomoc. Ccleaner používám pravidelně.

[Mc_Murphy]

Ccleaner používám pravidelně.

To je jen dobře.

Není vůbec zač a rádo se stalo. Přeji pěkný den.