Prosím o kontrolu logu

[Paulie0001]

Dobrý den.... PC se mi po restartu pomalu načítá.... Také když někdy zapnu Google chrome, kde mám třeba 7 záložek, tak taky se pomalu načítají...... Přitom mám pocit, že hardware počítače je poměrně nadupaný a internetové připojení je rychle, tak tyhle problémy bych neměl mít....
tak prosím o malou kontrolu, kdyby náhodou....

Logfile of random's system information tool 1.09 (written by random/random)
Run by Paulie at 2013-03-03 09:42:58
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 231 GB (49%) free of 477 GB
Total RAM: 3325 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:45:37, on 3.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\Programy\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Programy\uTorrent\uTorrent.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OSCAR Editor X7\OscarEditor.exe
C:\Program Files\Hamachi\hamachi.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Paulie\Plocha\RSIT.exe
C:\Program Files\trend micro\Paulie.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programy\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: webcamXP Service (wxpSvc) - Moonware Studios - C:\Programy\webcamXP 5\wService.exe

--
End of file - 7046 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}]
C:\Program Files\PicLensIE\cooliris.dll [2010-02-25 4655064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-14 20064872]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-05-15 108352]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
"ROC_roc_ssl_v12"=C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe / /PROMPT /CMPID=roc_ssl_v12 []
"PWRISOVM.EXE"=C:\Programy\PowerISO\PWRISOVM.EXE [2012-08-24 336992]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe []
"uTorrent"=C:\Programy\uTorrent\uTorrent.exe [2012-12-25 969104]
"Steam"=C:\Program Files\Steam\steam.exe [2013-02-25 1602984]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
"OscarEditor"=C:\Program Files\OSCAR Editor X7\OscarEditor.exe [2012-03-20 3340288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

C:\Documents and Settings\Paulie\Nabídka Start\Programy\Po spuštění
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-04-19 52224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programy\Tunngle\TnglCtrl.exe"="C:\Programy\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service"
"C:\Programy\Tunngle\Tunngle.exe"="C:\Programy\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client"
"C:\Hry\Wolfenstein ET\ET.exe"="C:\Hry\Wolfenstein ET\ET.exe:*:Enabled:ET"
"C:\Hry\IPCurve\ipcurve.exe"="C:\Hry\IPCurve\ipcurve.exe:*:Enabled:ipcurve"
"C:\WINDOWS\system32\CNAB4RPK.EXE"="C:\WINDOWS\system32\CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Hry\Portal 2\portal2.exe"="C:\Hry\Portal 2\portal2.exe:*:Enabled:portal2"
"C:\Wotlk\World of Warcraft 3.3.5a (no install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="C:\Wotlk\World of Warcraft 3.3.5a (no install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Wotlk\World of Warcraft 3.3.5a (no install)\Launcher.exe"="C:\Wotlk\World of Warcraft 3.3.5a (no install)\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Wotlk\World of Warcraft 3.3.5a (no install)\Launcher.patch.exe"="C:\Wotlk\World of Warcraft 3.3.5a (no install)\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\WoW\World of Warcraft - 3.3.5a (12340) - enUS (No Install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="C:\WoW\World of Warcraft - 3.3.5a (12340) - enUS (No Install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Programy\QIP\qip.exe"="C:\Programy\QIP\qip.exe:*:Enabled:QIP 2012"
"C:\Hry\Counter strike 1.6\hl.exe"="C:\Hry\Counter strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Hry\Counter-Strike 1.6 Standalone\launcher.exe"="C:\Hry\Counter-Strike 1.6 Standalone\launcher.exe:*:Enabled:Creted by Martin.cz"
"C:\Programy\webcamXP 5\wLite.exe"="C:\Programy\webcamXP 5\wLite.exe:*:Enabled:webcamXP"
"C:\Programy\webcamXP 5\wService.exe"="C:\Programy\webcamXP 5\wService.exe:*:Enabled:webcamXP Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Hry\DMC Devi May Cry\Binaries\Win32\DMC-DevilMayCry.exe"="C:\Hry\DMC Devi May Cry\Binaries\Win32\DMC-DevilMayCry.exe:*:Enabled:DMC-DevilMayCry"
"C:\FarCry 3\bin\farcry3.exe"="C:\FarCry 3\bin\farcry3.exe:*:Enabled:FarCry 3 D3D9"
"C:\FarCry 3\bin\farcry3_d3d11.exe"="C:\FarCry 3\bin\farcry3_d3d11.exe:*:Enabled:FarCry 3 D3D11"
"C:\FarCry 3\bin\FC3Updater.exe"="C:\FarCry 3\bin\FC3Updater.exe:*:Enabled:FarCry 3 Updater"
"C:\FarCry 3\bin\FC3Editor.exe"="C:\FarCry 3\bin\FC3Editor.exe:*:Enabled:FarCry 3 IGE"
"E:\Resident Evil\RE5DX9.EXE"="E:\Resident Evil\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9)"
"E:\Resident Evil\RE5DX10.EXE"="E:\Resident Evil\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10)"
"E:\Diablo\Diablo.exe"="E:\Diablo\Diablo.exe:*:Enabled:Diablo"
"E:\Diablo\hellfire\SIERRA\HELLFIRE\hellfire.exe"="E:\Diablo\hellfire\SIERRA\HELLFIRE\hellfire.exe:*:Enabled:Hellfire"
"C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe"="C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2013-03-03 09:42:58 ----D---- C:\rsit
2013-03-03 09:42:58 ----D---- C:\Program Files\trend micro
2013-03-02 10:50:18 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Doublefine
2013-03-01 18:18:49 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Hamachi
2013-03-01 18:18:28 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2013-03-01 18:18:27 ----D---- C:\Program Files\Hamachi
2013-02-28 17:21:52 ----A---- C:\diablo.txt
2013-02-28 16:37:36 ----D---- C:\Program Files\Sierra On-Line
2013-02-28 16:36:50 ----A---- C:\WINDOWS\SIERRA.INI
2013-02-28 16:36:21 ----A---- C:\WINDOWS\DiabUnin.pif
2013-02-28 16:36:20 ----A---- C:\WINDOWS\DiabUnin.exe
2013-02-28 16:36:18 ----A---- C:\WINDOWS\DiabUnin.dat
2013-02-26 19:43:33 ----A---- C:\Zástupce - Advanced Camera.lnk
2013-02-25 17:29:45 ----D---- C:\WINDOWS\system32\xlive
2013-02-25 17:29:44 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2013-02-23 18:12:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
2013-02-23 17:38:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Boss Media
2013-02-17 15:50:09 ----A---- C:\Nový objekt - Textový dokument.txt
2013-02-16 21:08:03 ----D---- C:\WINDOWS\Minidump
2013-02-15 02:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2778344$
2013-02-15 02:14:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2799494$
2013-02-15 02:14:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-02-15 02:14:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-02-13 21:07:57 ----A---- C:\WINDOWS\system32\drivers\PnkBstrK.sys
2013-02-13 21:07:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Orbit
2013-02-13 19:45:04 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2013-02-13 19:45:03 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2013-02-13 19:43:21 ----D---- C:\5191a2e1d40e4d83509e
2013-02-13 19:29:26 ----D---- C:\FarCry 3
2013-02-12 00:27:52 ----A---- C:\STF438.tmp
2013-02-12 00:17:57 ----A---- C:\STF42F.tmp
2013-02-12 00:08:56 ----A---- C:\STF426.tmp
2013-02-11 23:55:59 ----A---- C:\STF41C.tmp
2013-02-11 23:42:50 ----A---- C:\STF414.tmp
2013-02-11 23:40:23 ----A---- C:\STF40E.tmp
2013-02-11 18:56:15 ----A---- C:\STF318.tmp
2013-02-11 18:41:29 ----A---- C:\STF30E.tmp
2013-02-11 18:29:07 ----A---- C:\STF309.tmp
2013-02-11 18:20:28 ----A---- C:\STF300.tmp
2013-02-11 18:09:21 ----A---- C:\STF2F8.tmp
2013-02-11 17:58:23 ----A---- C:\STF2F0.tmp
2013-02-11 17:46:58 ----A---- C:\STF2E6.tmp
2013-02-11 17:31:56 ----A---- C:\STF2C1.tmp
2013-02-11 17:22:08 ----A---- C:\STF2BD.tmp
2013-02-11 17:21:43 ----A---- C:\STF2BC.tmp
2013-02-11 17:10:02 ----A---- C:\STF2A7.tmp
2013-02-11 16:56:47 ----A---- C:\STF293.tmp
2013-02-11 16:51:42 ----A---- C:\STF28D.tmp
2013-02-10 17:58:32 ----A---- C:\STF443.tmp
2013-02-07 17:34:40 ----D---- C:\Program Files\OSCAR Editor X7
2013-02-07 17:34:12 ----D---- C:\Program Files\OscarEditor

======List of files/folders modified in the last 1 month======

2013-03-03 09:44:10 ----D---- C:\Documents and Settings\Paulie\Data aplikací\uTorrent
2013-03-03 09:43:06 ----D---- C:\WINDOWS\Prefetch
2013-03-03 09:42:58 ----RD---- C:\Program Files
2013-03-03 09:35:37 ----D---- C:\WINDOWS\Temp
2013-03-03 09:34:23 ----D---- C:\Program Files\Steam
2013-03-03 09:29:55 ----D---- C:\WINDOWS\system32\CatRoot2
2013-03-03 09:29:10 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Skype
2013-03-03 00:06:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-03-03 00:05:55 ----D---- C:\Documents and Settings\Paulie\Data aplikací\TS3Client
2013-03-02 09:03:27 ----D---- C:\WINDOWS
2013-03-01 18:20:12 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Tunngle
2013-03-01 18:18:32 ----HD---- C:\WINDOWS\inf
2013-03-01 18:18:32 ----D---- C:\WINDOWS\system32\drivers
2013-03-01 11:54:44 ----D---- C:\WINDOWS\system
2013-02-27 23:50:39 ----D---- C:\Documents and Settings\Paulie\Data aplikací\vlc
2013-02-27 18:32:49 ----D---- C:\WINDOWS\system32
2013-02-27 18:32:47 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-25 17:35:31 ----SHD---- C:\WINDOWS\Installer
2013-02-25 17:35:29 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-02-25 17:31:23 ----D---- C:\WINDOWS\system32\DirectX
2013-02-25 17:30:53 ----RSD---- C:\WINDOWS\assembly
2013-02-15 02:15:07 ----A---- C:\WINDOWS\system32\MRT.exe
2013-02-15 02:14:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-02-15 02:14:55 ----D---- C:\WINDOWS\ie8updates
2013-02-15 02:14:53 ----HD---- C:\WINDOWS\$hf_mig$
2013-02-15 02:14:53 ----D---- C:\WINDOWS\Microsoft.NET
2013-02-15 02:14:52 ----A---- C:\WINDOWS\imsins.BAK
2013-02-15 02:14:19 ----D---- C:\Program Files\Internet Explorer
2013-02-15 02:12:14 ----D---- C:\WINDOWS\WinSxS
2013-02-15 02:12:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-02-13 19:45:24 ----D---- C:\WINDOWS\system32\CatRoot
2013-02-13 19:43:57 ----D---- C:\WINDOWS\system32\XPSViewer
2013-02-13 19:43:56 ----RSD---- C:\WINDOWS\Fonts
2013-02-13 19:29:25 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-07 01:25:06 ----D---- C:\WINDOWS\system32\en-US
2013-02-07 01:24:58 ----D---- C:\Program Files\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2011-11-02 19056]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-08-24 113104]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 RtNdPt5x;Realtek NDIS Protocol Driver; C:\WINDOWS\System32\DRIVERS\RtNdPt5x.sys [2011-06-15 27424]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\WINDOWS\System32\Drivers\EtronHub3.sys [2011-07-29 44928]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\WINDOWS\System32\Drivers\EtronXHCI.sys [2011-07-29 64256]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2013-03-01 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-10-18 6439528]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-04-18 123840]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2011-12-08 327400]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features; C:\WINDOWS\System32\DRIVERS\RTLTEAMING.SYS [2011-06-15 34208]
S3 RTLVLAN;Realtek VLAN Intermediate Driver; C:\WINDOWS\System32\DRIVERS\RTLVLAN.SYS [2011-06-15 17664]
S3 RTLVLANMP;Realtek Virtual Adapter; C:\WINDOWS\System32\DRIVERS\RTLVLAN.SYS [2011-06-15 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-04-11 82944]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-02-13 76888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 251248]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-02-25 543144]
S3 TunngleService;TunngleService; C:\Programy\Tunngle\TnglCtrl.exe [2012-11-26 745368]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-04-19 823808]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 wxpSvc;webcamXP Service; C:\Programy\webcamXP 5\wService.exe [2012-03-26 5404472]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Mc_Murphy]

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje.

[Mc_Murphy]

Mno nediv se, že to jede pomalu, když máš po startu systému spouštěnou opravdu spoustu programů - většinu z nich naprosto zbytečně. S dovolením to promažu, tím by se měl náběh značně zrychlit. A taky µTorrent, koukám, jede na plné obrátky, takže je možné, že sis do poče natáhl nějaký "bonůsek".

Takhle na první pohled havěť nevidět, ale zkusíme preventivně kouknout hlouběji.


Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

• Proveď aktualizaci virové databáze.
• V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
• Předem nic nemaž!!
• MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

[Paulie0001]

Už jsem se začínal bát, že mi žádnej rádce nebyl přidělen:-) jsem tu včera celý den mačkal klávesu F5 a stále nic ....
Které programy byste vypl při náběhu do systému? A určitě moje povolení máte, budu jen rád:-)... Díky za pomoc.

Posílám log z MBAM:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.04.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Paulie :: MAFIABOS-XFR275 [administrátor]

Ochrana: Povolena

4.3.2013 14:34:09
MBAM-log-2013-03-04 (17-59-27).txt

Typ: Kompletní kontrola (C:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 561285
Uplynulý čas: 3 hodin, 8 minut, 53 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 6
C:\System Volume Information\_restore{8FA7BAD1-5B05-4BD7-AC47-E8B06253B1AC}\RP60\A0012369.exe (PUP.Offerware) -> Nebyla provedena žádná instrukce.
C:\RECYCLER\S-1-5-21-1275210071-1409082233-839522115-1003\Dc359\DLLLoad.exe (Backdoor.Agent.Gen) -> Nebyla provedena žádná instrukce.
E:\Qoobox\Quarantine\C\Program Files\Savings Sidekick\Savings Sidekick-bg.exe.vir (PUP.CrossRider.SSK) -> Nebyla provedena žádná instrukce.
E:\Qoobox\Quarantine\C\Program Files\Savings Sidekick\Savings Sidekick.dll.vir (PUP.CrossRider.SSK) -> Nebyla provedena žádná instrukce.
E:\Qoobox\Quarantine\C\Program Files\Savings Sidekick\Savings Sidekick.exe.vir (PUP.CrossRider.SSK) -> Nebyla provedena žádná instrukce.
E:\Qoobox\Quarantine\C\Program Files\Savings Sidekick\Uninstall.exe.vir (PUP.CrossRider.SSK) -> Nebyla provedena žádná instrukce.

(konec)

[Mc_Murphy]

Včera byla neděle a my jsme tu zdarma a ve svém volném čase. Máme své manželky, děti a rodiny a své zájmy, takže musíš být trpělivý a soudný, že v neděli chtějí být lidé taky jinde, než jen u PC a louskat logy.


Umažu toho více, nebudu tu vše vypisovat, smáznu jen to, co není důležité pro chod systému. Každopádně ručně Ty sám můžeš v jeho nastaveních vypnout z nabíhání po startu systému program Skype - hodně zdržuje. Program zapínej ručně jen v případě potřeby.

Všechny nálezy MBAMu dej v klidu smazat. Po smazání MBAM zase odinstaluj, už jej nebudeme potřebovat.

Potom podle tohoto návodu vypni body obnovy pro svůj počítač, dej restart (ony se smáznou) a pak si je zase stejným postupem zapni. V tom starém je totiž havěť.

Až budeš se vším hotov, napiš, jestli se vše povedlo a budeme pokračovat v čištění.

[Paulie0001]

vyskytl se problém...... Jak jsem zaškrtl všechny položky v MBAM, a dal jsem odstranit.....tak to chtělo restartovat PC.....ten jsem restartoval......a když se chci přihlásit na svůj účet pod uživatele Paulie, tak nenaběhne plocha..... Nejsou vidět ikony, nabídka start....nic... Zkoušel jsem zapnout "explorer.exe" přes procesy, ale nijak to nepomohlo. Nevíte čím by to mohlo být?
Zkusil jsem se za toho uživatele odhlásit, a napsalo mi to, že to ukončuje program MBAM, který neodpovídá....

Přihlásil jsem se na jiný účet pod uživatele Péťa.... A tady mi vše naběhne v pohodě.... Na svůj účet Paulie ale stále nemohu, nevíte co to mohlo způsobit?

PS: Jak jsem říkal, že jsem se začínal bát, že mi žádný rádce nebyl přidělen, tak jsem samozřejmě bral s nadsázkou trpělivý jsem, že byla neděle jsem si taky uvědomoval a víme že nám pomáháte zdarma a trávíte s námi svůj volný čas, za což jsme vám tady všichni vděční .

EDIT: tak jsem přepnul zpět na uživatele Paulie a už tam ikony naběhly....jenom jsou popřeházený a trvalo to podstatně déle.... Jdu udělat krok který jste mi poradil.
EDIT2: hotovo

[Mc_Murphy]

Takže problém s profilem vyřešen? MBAM odinstalován a Body obnovy smazány a znovu zapnuty?

[Paulie0001]

Takže problém s profilem vyřešen? MBAM odinstalován a Body obnovy smazány a znovu zapnuty?

Myslím že ano.... Byla to nejspíš nějaká dočasná chyba.... Uvidíme, případně později dám vědět.
Body obnovy byly smazány a znovu po restartu PC zapnuty, a odinstaloval jsem i pár her / programů a uvolnil místa na disku, takže posílám z tohoto důvodu nový log z RSIT, jestli se náhodou něco nezměnilo....

A mimochodem.... Na systému C:\ mám vždy několik složek s názvy "1edfffbe63738e82460140aebfc514" apod. Co to je za složky? Mohu je smazat? Nebo to jsou systémové soubory v nich uložené ?

[Mc_Murphy]

=> Nevkládej mi RSIT, když ho nechci.
=> Nedávej do příspěvků zbytečně mé citace, prosím.
=> Nedělej své aktivní kroky mezi tím, co Ti něco píšu, abys udělal, nebo se nikam nepohneme a akorát mě vytočíš.


Stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulož jej nejlépe na Plochu.
• Ukonči všechny programy!!
• Spusť AdwCleaner.
• Klikni na [Delete].
• Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako C:\AdwCleaner [S1].txt - jeho obsah mi sem vlož.

[Paulie0001]

# AdwCleaner v2.113 - Logfile created 03/04/2013 at 21:37:05
# Updated 23/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Paulie - MAFIABOS-XFR275
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Paulie\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\DOCUME~1\Paulie\LOCALS~1\Temp\Uninstall.exe
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.97

File : C:\Documents and Settings\Paulie\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1240 octets] - [04/03/2013 21:37:05]

########## EOF - C:\AdwCleaner[S1].txt - [1300 octets] ##########

[Mc_Murphy]

Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ulož jej nejlépe na Plochu.
• Ukonči všechny programy!
• Spusť RogueKiller.
• Počkej, než program dokončí Prescan.
• Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
• Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
• Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452

[Paulie0001]

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Paulie [Práva správce]
Mód : Kontrola -- Datum : 03/05/2013 00:35:10
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSPCLOCK (rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}) -> NALEZENO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSPQM (rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}) -> NALEZENO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSKSSRV (rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}) -> NALEZENO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSTEE.CxTransform (rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},E:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install) -> NALEZENO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSTEE.Splitter (rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},E:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install) -> NALEZENO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : WDM_DRMKAUD (rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},E:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> E:\windows\system32\config\SOFTWARE
-> E:\windows\system32\config\SYSTEM
-> E:\Users\Default\NTUSER.DAT
-> E:\Users\Default User\NTUSER.DAT
-> E:\Users\Pavel\NTUSER.DAT
-> E:\Users\UpdatusUser\NTUSER.DAT
-> E:\Documents and Settings\Default\NTUSER.DAT
-> E:\Documents and Settings\Default User\NTUSER.DAT
-> E:\Documents and Settings\Pavel\NTUSER.DAT
-> E:\Documents and Settings\UpdatusUser\NTUSER.DAT

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3500418AS +++++
--- User ---
[MBR] 4a688eea2c8470b07c4f6f50a0b43c09
[BSP] 83042c0670202aed58ca030c1c4f86e5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD1600AAJS-00B4A0 +++++
--- User ---
[MBR] d2d795933d154d4c0ba96d8114dc687e
[BSP] 48485d6677ec1fe18142d28f86430462 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152625 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03052013_02d0035.txt >>
RKreport[1]_S_03052013_02d0035.txt

[Mc_Murphy]

Takže provedeme další opravy.

• Ukonči všechny programy!
• Spusť RogueKiller.
• Počkej, než program dokončí Prescan.
• Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
• V záložce Registry nech všechny nálezy označeny.
• Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.

A nyní mi sem vlož také nový aktuální log ze RSITu, ať se podívám, co se povedlo a co zatím ne.

[Paulie0001]

log z MBAM:

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Paulie [Práva správce]
Mód : Odebrat -- Datum : 03/05/2013 13:58:30
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSPCLOCK (rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}) -> VYMAZÁNO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSPQM (rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}) -> VYMAZÁNO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSKSSRV (rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}) -> VYMAZÁNO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSTEE.CxTransform (rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},E:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install) -> VYMAZÁNO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : MSTEE.Splitter (rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},E:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install) -> VYMAZÁNO
[RUN][BLACKLISTDLL] [ON_E:]HKLM\Software[...]\RunOnce : WDM_DRMKAUD (rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},E:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install) -> VYMAZÁNO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> E:\windows\system32\config\SOFTWARE
-> E:\windows\system32\config\SYSTEM
-> E:\Users\Default\NTUSER.DAT
-> E:\Users\Default User\NTUSER.DAT
-> E:\Users\Pavel\NTUSER.DAT
-> E:\Users\UpdatusUser\NTUSER.DAT
-> E:\Documents and Settings\Default\NTUSER.DAT
-> E:\Documents and Settings\Default User\NTUSER.DAT
-> E:\Documents and Settings\Pavel\NTUSER.DAT
-> E:\Documents and Settings\UpdatusUser\NTUSER.DAT

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3500418AS +++++
--- User ---
[MBR] 4a688eea2c8470b07c4f6f50a0b43c09
[BSP] 83042c0670202aed58ca030c1c4f86e5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD1600AAJS-00B4A0 +++++
--- User ---
[MBR] d2d795933d154d4c0ba96d8114dc687e
[BSP] 48485d6677ec1fe18142d28f86430462 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152625 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_03052013_02d1358.txt >>
RKreport[1]_S_03052013_02d0035.txt ; RKreport[2]_D_03052013_02d1358.txt


Log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Paulie at 2013-03-05 14:00:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 322 GB (67%) free of 477 GB
Total RAM: 3325 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:00:28, on 5.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programy\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Programy\uTorrent\uTorrent.exe
C:\Program Files\OSCAR Editor X7\OscarEditor.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Paulie\Plocha\RSIT.exe
C:\Program Files\trend micro\Paulie.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programy\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: webcamXP Service (wxpSvc) - Moonware Studios - C:\Programy\webcamXP 5\wService.exe

--
End of file - 6157 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}]
C:\Program Files\PicLensIE\cooliris.dll [2010-02-25 4655064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-14 20064872]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-05-15 108352]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
"PWRISOVM.EXE"=C:\Programy\PowerISO\PWRISOVM.EXE [2012-08-24 336992]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"uTorrent"=C:\Programy\uTorrent\uTorrent.exe [2012-12-25 969104]
"Steam"=C:\Program Files\Steam\steam.exe [2013-02-25 1602984]
"OscarEditor"=C:\Program Files\OSCAR Editor X7\OscarEditor.exe [2012-03-20 3340288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

C:\Documents and Settings\Paulie\Nabídka Start\Programy\Po spuštění
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-04-19 52224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programy\uTorrent\uTorrent.exe"="C:\Programy\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programy\Tunngle\TnglCtrl.exe"="C:\Programy\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service"
"C:\Programy\Tunngle\Tunngle.exe"="C:\Programy\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client"
"C:\Hry\Wolfenstein ET\ET.exe"="C:\Hry\Wolfenstein ET\ET.exe:*:Enabled:ET"
"C:\Hry\IPCurve\ipcurve.exe"="C:\Hry\IPCurve\ipcurve.exe:*:Enabled:ipcurve"
"C:\WINDOWS\system32\CNAB4RPK.EXE"="C:\WINDOWS\system32\CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Hry\Portal 2\portal2.exe"="C:\Hry\Portal 2\portal2.exe:*:Enabled:portal2"
"C:\Wotlk\World of Warcraft 3.3.5a (no install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="C:\Wotlk\World of Warcraft 3.3.5a (no install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Wotlk\World of Warcraft 3.3.5a (no install)\Launcher.exe"="C:\Wotlk\World of Warcraft 3.3.5a (no install)\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Wotlk\World of Warcraft 3.3.5a (no install)\Launcher.patch.exe"="C:\Wotlk\World of Warcraft 3.3.5a (no install)\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\WoW\World of Warcraft - 3.3.5a (12340) - enUS (No Install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="C:\WoW\World of Warcraft - 3.3.5a (12340) - enUS (No Install)\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Programy\QIP\qip.exe"="C:\Programy\QIP\qip.exe:*:Enabled:QIP 2012"
"C:\Hry\Counter strike 1.6\hl.exe"="C:\Hry\Counter strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Hry\Counter-Strike 1.6 Standalone\launcher.exe"="C:\Hry\Counter-Strike 1.6 Standalone\launcher.exe:*:Enabled:Creted by Martin.cz"
"C:\Programy\webcamXP 5\wLite.exe"="C:\Programy\webcamXP 5\wLite.exe:*:Enabled:webcamXP"
"C:\Programy\webcamXP 5\wService.exe"="C:\Programy\webcamXP 5\wService.exe:*:Enabled:webcamXP Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Hry\DMC Devi May Cry\Binaries\Win32\DMC-DevilMayCry.exe"="C:\Hry\DMC Devi May Cry\Binaries\Win32\DMC-DevilMayCry.exe:*:Enabled:DMC-DevilMayCry"
"E:\Resident Evil\RE5DX9.EXE"="E:\Resident Evil\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5 (DX9)"
"E:\Resident Evil\RE5DX10.EXE"="E:\Resident Evil\RE5DX10.EXE:*:Enabled:RESIDENT EVIL 5 (DX10)"
"E:\Diablo\Diablo.exe"="E:\Diablo\Diablo.exe:*:Enabled:Diablo"
"E:\Diablo\hellfire\SIERRA\HELLFIRE\hellfire.exe"="E:\Diablo\hellfire\SIERRA\HELLFIRE\hellfire.exe:*:Enabled:Hellfire"
"C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe"="C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2013-03-04 21:37:05 ----A---- C:\AdwCleaner[S1].txt
2013-03-04 21:02:18 ----D---- C:\rsit
2013-03-04 14:31:42 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Malwarebytes
2013-03-04 14:31:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-03-03 09:42:58 ----D---- C:\Program Files\trend micro
2013-03-02 10:50:18 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Doublefine
2013-03-01 18:18:49 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Hamachi
2013-03-01 18:18:28 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2013-03-01 18:18:27 ----D---- C:\Program Files\Hamachi
2013-02-28 17:21:52 ----A---- C:\diablo.txt
2013-02-28 16:37:36 ----D---- C:\Program Files\Sierra On-Line
2013-02-28 16:36:50 ----A---- C:\WINDOWS\SIERRA.INI
2013-02-28 16:36:21 ----A---- C:\WINDOWS\DiabUnin.pif
2013-02-28 16:36:20 ----A---- C:\WINDOWS\DiabUnin.exe
2013-02-28 16:36:18 ----A---- C:\WINDOWS\DiabUnin.dat
2013-02-26 19:43:33 ----A---- C:\Zástupce - Advanced Camera.lnk
2013-02-25 17:29:45 ----D---- C:\WINDOWS\system32\xlive
2013-02-25 17:29:44 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2013-02-23 17:38:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Boss Media
2013-02-16 21:08:03 ----D---- C:\WINDOWS\Minidump
2013-02-15 02:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2778344$
2013-02-15 02:14:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2799494$
2013-02-15 02:14:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-02-15 02:14:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-02-13 21:07:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Orbit
2013-02-13 19:43:21 ----D---- C:\5191a2e1d40e4d83509e
2013-02-12 00:27:52 ----A---- C:\STF438.tmp
2013-02-12 00:17:57 ----A---- C:\STF42F.tmp
2013-02-12 00:08:56 ----A---- C:\STF426.tmp
2013-02-11 23:55:59 ----A---- C:\STF41C.tmp
2013-02-11 23:42:50 ----A---- C:\STF414.tmp
2013-02-11 23:40:23 ----A---- C:\STF40E.tmp
2013-02-11 18:56:15 ----A---- C:\STF318.tmp
2013-02-11 18:41:29 ----A---- C:\STF30E.tmp
2013-02-11 18:29:07 ----A---- C:\STF309.tmp
2013-02-11 18:20:28 ----A---- C:\STF300.tmp
2013-02-11 18:09:21 ----A---- C:\STF2F8.tmp
2013-02-11 17:58:23 ----A---- C:\STF2F0.tmp
2013-02-11 17:46:58 ----A---- C:\STF2E6.tmp
2013-02-11 17:31:56 ----A---- C:\STF2C1.tmp
2013-02-11 17:22:08 ----A---- C:\STF2BD.tmp
2013-02-11 17:21:43 ----A---- C:\STF2BC.tmp
2013-02-11 17:10:02 ----A---- C:\STF2A7.tmp
2013-02-11 16:56:47 ----A---- C:\STF293.tmp
2013-02-11 16:51:42 ----A---- C:\STF28D.tmp
2013-02-10 17:58:32 ----A---- C:\STF443.tmp
2013-02-07 17:34:40 ----D---- C:\Program Files\OSCAR Editor X7
2013-02-07 17:34:12 ----D---- C:\Program Files\OscarEditor

======List of files/folders modified in the last 1 month======

2013-03-05 14:00:18 ----D---- C:\WINDOWS\system32\drivers
2013-03-05 14:00:00 ----D---- C:\Documents and Settings\Paulie\Data aplikací\uTorrent
2013-03-05 13:54:00 ----D---- C:\WINDOWS\Temp
2013-03-05 06:31:39 ----D---- C:\WINDOWS\Prefetch
2013-03-05 00:34:02 ----D---- C:\Program Files\Steam
2013-03-05 00:33:29 ----D---- C:\Documents and Settings\Paulie\Data aplikací\TS3Client
2013-03-04 21:41:24 ----D---- C:\WINDOWS\system32\CatRoot2
2013-03-04 21:40:11 ----D---- C:\WINDOWS
2013-03-04 21:38:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-03-04 20:57:43 ----D---- C:\Hry
2013-03-04 20:55:54 ----D---- C:\INSTALACE HER
2013-03-04 20:53:42 ----SHD---- C:\WINDOWS\Installer
2013-03-04 20:53:42 ----D---- C:\Documents and Settings
2013-03-04 20:51:41 ----RD---- C:\Program Files
2013-03-04 20:51:13 ----D---- C:\WINDOWS\system32
2013-03-04 20:51:12 ----HD---- C:\Program Files\InstallShield Installation Information
2013-03-04 20:50:19 ----D---- C:\WINDOWS\Logs
2013-03-04 20:50:19 ----D---- C:\WINDOWS\Debug
2013-03-04 20:38:47 ----D---- C:\Programy
2013-03-04 20:38:47 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2013-03-04 20:35:06 ----D---- C:\WINDOWS\system32\Restore
2013-03-04 20:33:44 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Skype
2013-03-04 18:51:00 ----D---- C:\WINDOWS\Help
2013-03-01 18:20:12 ----D---- C:\Documents and Settings\Paulie\Data aplikací\Tunngle
2013-03-01 18:18:32 ----HD---- C:\WINDOWS\inf
2013-03-01 11:54:44 ----D---- C:\WINDOWS\system
2013-02-27 23:50:39 ----D---- C:\Documents and Settings\Paulie\Data aplikací\vlc
2013-02-27 18:32:47 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-25 17:35:29 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-02-25 17:31:23 ----D---- C:\WINDOWS\system32\DirectX
2013-02-25 17:30:53 ----RSD---- C:\WINDOWS\assembly
2013-02-15 02:15:07 ----A---- C:\WINDOWS\system32\MRT.exe
2013-02-15 02:14:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-02-15 02:14:55 ----D---- C:\WINDOWS\ie8updates
2013-02-15 02:14:53 ----HD---- C:\WINDOWS\$hf_mig$
2013-02-15 02:14:53 ----D---- C:\WINDOWS\Microsoft.NET
2013-02-15 02:14:19 ----D---- C:\Program Files\Internet Explorer
2013-02-15 02:12:14 ----D---- C:\WINDOWS\WinSxS
2013-02-15 02:12:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-02-13 19:45:24 ----D---- C:\WINDOWS\system32\CatRoot
2013-02-13 19:43:57 ----D---- C:\WINDOWS\system32\XPSViewer
2013-02-13 19:43:56 ----RSD---- C:\WINDOWS\Fonts
2013-02-07 01:25:06 ----D---- C:\WINDOWS\system32\en-US
2013-02-07 01:24:58 ----D---- C:\Program Files\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2011-11-02 19056]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-08-24 113104]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 RtNdPt5x;Realtek NDIS Protocol Driver; C:\WINDOWS\System32\DRIVERS\RtNdPt5x.sys [2011-06-15 27424]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\WINDOWS\System32\Drivers\EtronHub3.sys [2011-07-29 44928]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\WINDOWS\System32\Drivers\EtronXHCI.sys [2011-07-29 64256]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2013-03-01 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-10-18 6439528]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-04-18 123840]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2011-12-08 327400]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features; C:\WINDOWS\System32\DRIVERS\RTLTEAMING.SYS [2011-06-15 34208]
S3 RTLVLAN;Realtek VLAN Intermediate Driver; C:\WINDOWS\System32\DRIVERS\RTLVLAN.SYS [2011-06-15 17664]
S3 RTLVLANMP;Realtek Virtual Adapter; C:\WINDOWS\System32\DRIVERS\RTLVLAN.SYS [2011-06-15 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-04-11 82944]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 251248]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-02-25 543144]
S3 TunngleService;TunngleService; C:\Programy\Tunngle\TnglCtrl.exe [2012-11-26 745368]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-04-19 823808]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 wxpSvc;webcamXP Service; C:\Programy\webcamXP 5\wService.exe [2012-03-26 5404472]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Mc_Murphy]

Stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
• http://oldtimer.geekstogo.com/OTM.com
• http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Bude-li Avast křičet, že to chce otevřít v Sandboxu, nedovol to! Vyber možnost Otevřít normálně!

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Services
AdobeFlashPlayerUpdateSvc
gupdate
gupdatem
SkypeUpdate

:Files
C:\Documents and Settings\Paulie\Data aplikací\Malwarebytes
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\STF*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\Paulie\Nabídka Start\Programy\Po spuštění\hamachi.lnk
C:\AdwCleaner[S1].txt

:Reg
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=-
"nwiz"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-
"uTorrent"=-
"Steam"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\