VIRY.CZ

Dobrý den,
dostal jsem do ruky domácí notebook s tím, že ta věc skoro nefunguje a dělá si co chce. To potvrzuji, nakonec jsem to spustil v nouzovém režimu a poté RSIT a dovoluji si poprosit o radu, jak s tím dál.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-05-28 15:34:52
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 13 GB (35%) free of 36 GB
Total RAM: 502 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:57, on 28.5.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\prac\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.exterminate-it.com/thank-you-u/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu2\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu2\toolbaru.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE PLEOMAX Web Camera
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [InboxToolbar] "C:\PROGRA~1\INBOXT~1\Inbox.exe" /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Firebird Guardian Service (InterBaseGuardian) - FirebirdSQL Project - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: Firebird Server (InterBaseServer) - FirebirdSQL Project - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NEXZJAT - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Acer\LOCALS~1\Temp\NEXZJAT.exe

--
End of file - 7392 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\Program Files\ICQToolbar\tbu2\toolbaru.dll [2006-12-17 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2012-07-03 1219864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-01-15 330160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2013-04-12 1046152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-01-15 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-01-15 80304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\Program Files\ICQToolbar\tbu2\toolbaru.dll [2006-12-17 701952]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2013-04-12 1046152]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2012-07-03 1219864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"preload"=C:\Windows\RUNXMLPL.exe [2005-05-19 32768]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-01-23 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-01-23 126976]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-02-04 708698]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-06-01 192512]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-03-15 2893824]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"PowerKey"=C:\Program Files\Launch Manager\PowerKey.exe [2002-08-30 94208]
"LManager"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-06-06 69632]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2005-07-25 241664]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-07-25 81920]
"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-29 352256]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-03-30 40960]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2011-07-18 225280]
"InboxToolbar"=C:\PROGRA~1\INBOXT~1\Inbox.exe [2013-04-12 1713288]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-01-23 348160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-05-28 15:34:52 ----D---- C:\rsit
2013-05-28 15:33:57 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
2013-05-28 15:33:38 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Adobe
2013-05-23 20:45:30 ----SHD---- C:\FOUND.057
2013-04-30 10:40:22 ----SHD---- C:\FOUND.056

======List of files/folders modified in the last 1 month======

2013-05-28 15:33:00 ----A---- C:\WINDOWS\ntbtlog.txt
2013-05-28 15:32:50 ----A---- C:\WINDOWS\system32\PARTIZAN.TXT
2013-05-28 15:25:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-28 15:25:36 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt
2013-05-28 15:11:08 ----N---- C:\WINDOWS\system32\eRLog.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2004-08-03 46464]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088]
R0 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-05-10 6144]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-02-04 193216]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S0 ogdsiwkv;ogdsiwkv; C:\WINDOWS\system32\drivers\ooasywux.sys []
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
S1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
S2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
S2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
S2 int15.sys;int15.sys; \??\C:\Program Files\Acer\eRecovery\int15.sys []
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
S2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
S2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
S3 {DEF85C80-216A-43ab-AF70-1665EDBE2780};{DEF85C80-216A-43ab-AF70-1665EDBE2780}; \??\C:\WINDOWS\TEMP\21.tmp []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
S3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-15 207232]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-03-08 88960]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-01-23 804317]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672]
S3 Partizan;Partizan; C:\WINDOWS\system32\drivers\Partizan.sys [2008-06-05 30946]
S3 POWERKEY;POWERKEY; \??\C:\Program Files\Launch Manager\POWERKEY.sys []
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 ZSMC302;PLEOMAX Web Camera; C:\WINDOWS\System32\Drivers\usbvm302.sys [2004-03-30 90214]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2005-06-06 1273344]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-18 268288]
S2 InterBaseGuardian;Firebird Guardian Service; C:\Program Files\Borland\InterBase\bin\ibguard.exe [2002-12-12 32768]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-01-15 154032]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 InterBaseServer;Firebird Server; C:\Program Files\Borland\InterBase\bin\ibserver.exe [2002-12-12 1748992]
S3 NEXZJAT;NEXZJAT; C:\DOCUME~1\Acer\LOCALS~1\Temp\NEXZJAT.exe [2008-04-30 461696]

-----------------EOF-----------------

Zdravím,

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Vymazat
bude provedena oprava, restartuje se a vypadne log (C:\AdwCleaner [S?].txt) , jeho obsah vložíš sem

Ještě se podíváme jak je na tom HDD
Sáhni http://www.studna.cz/crystaldiskinfo-p-11601.html
rozbal do nové složky a spusť DiskInfo.exe
pak Ctrl+C a do své odpovědi zde Ctrl+V

Log z Advcleaner:
# AdwCleaner v2.301 - Log vytvooen 28/05/2013 v 16:35:19
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 2 (32 bits)
# Uživatel : Administrator - ACER-1F5ADAF30F
# Spuštin systém : Nouzový režim s prací v síti
# Spuštino z : C:\prac\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\Acer\Data aplikací\Inbox Toolbar
Složka Vymazáno : C:\Documents and Settings\Acer\Data aplikací\ShoppingReport
Složka Vymazáno : C:\Documents and Settings\All Users\Nabídka Start\Programy\Inbox Toolbar
Složka Vymazáno : C:\Program Files\AskSearch
Složka Vymazáno : C:\Program Files\Crawler
Složka Vymazáno : C:\Program Files\Inbox Toolbar
Složka Vymazáno : C:\Program Files\ShoppingReport
Složka Vymazáno : C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
Soubor Vymazáno : C:\Program Files\Mozilla FireFox\Components\AskSearch.js

***** [Registry] *****

Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{C94E154B-1459-4A47-966B-4B843BEFC7DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ctbr.R404Pro
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Klíe Vymazáno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.HbAx
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.HbAx.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.HbInfoBand
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.HbInfoBand.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.IEButton
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.IEButton.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.IEButtonA
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.IEButtonA.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.RprtCtrl
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ShoppingReport.RprtCtrl.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001
Klíe Vymazáno : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001.1
Klíe Vymazáno : HKLM\Software\CToolbar
Klíe Vymazáno : HKLM\Software\Inbox Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CToolbar_UNINSTALL
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XTTB00001.XTTB00001Toolbar
Klíe Vymazáno : HKLM\Software\ShoppingReport

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

*************************

AdwCleaner[R1].txt - [9156 octets] - [28/05/2013 16:33:53]
AdwCleaner[S1].txt - [9085 octets] - [28/05/2013 16:35:19]

########## EOF - C:\AdwCleaner[S1].txt - [9145 octets] ##########

Log z Crystaldisk
----------------------------------------------------------------------------
CrystalDiskInfo 5.6.2 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP2 [5.1 Build 2600] (x86)
Date : 2013/05/28 16:45:33

-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801FB/FBM Ultra ATA Storage Controllers - 266F [ATA]
+ Primární kanál IDE (0)
- PHILIPS DVD+-RW SDVD8441
- ST980829A

-- Disk List ---------------------------------------------------------------
(1) ST980829A : 80,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST980829A
----------------------------------------------------------------------------
Model : ST980829A
Firmware : 3.04
Serial Number : 3PK02WA7
Disk Size : 80,0 GB (8,4/80,0/80,0/80,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 156301488
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-6
Minor Version : ATA/ATAPI-6 T13 1410D version 2
Transfer Mode : Ultra DMA/100
Power On Hours : 7824 hod.
Power On Count : 6243 krát
Temparature : 40 C (104 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 __6 000000000000 Počet chyb čtení
03 _95 _94 __0 000000000000 Čas na roztočení ploten
04 _94 _94 _20 000000001854 Počet spuštění/zastavení
05 _98 _98 _36 000000000070 Počet přemapovaných sektorů
07 _81 _60 _30 0000092050C2 Počet chybných hledání
09 _92 _92 __0 000000001E90 Hodin v činnosti
0A 100 100 _34 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _94 _94 _20 000000001863 Počet cyklů zapnutí zařízení
BB __1 __1 __0 00000000BE38 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _60 _49 _45 024228270028 Teplota toku vzduchu
C0 100 100 __0 0000000000F3 Počet vypnutí disku
C1 __1 __1 __0 000000090189 Počet cyklů načítání/vymazání
C2 _40 _51 __0 000200000028 Teplota
C3 _61 _51 __0 000000D94942 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 3350 4B30 3257 4137
020: 0000 4000 0004 332E 3034 2020 2020 5354 3938 3038
030: 3239 4120 2020 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: F8B0 0950 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 007E 001B 346B 7D09 6003 3469 3C09 6003 203F 0000
090: 0000 8080 FFFE 607D FE00 0000 0000 0000 0000 0000
100: F8B0 0950 0000 0000 0000 0000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 F8B0
130: 0950 F8B0 0950 2020 0002 82B6 0000 008A 3C06 3C06
140: FFFF 07C6 0100 0800 0F0F 1800 0002 0080 4004 4000
150: 60A0 0000 0000 0000 0000 0000 0000 0000 0600 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0001 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 AFA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 64 FD 00 00 00 00 00 00 00 03 03
010: 00 5F 5E 00 00 00 00 00 00 00 04 32 00 5E 5E 54
020: 18 00 00 00 00 00 05 33 00 62 62 70 00 00 00 00
030: 00 00 07 0F 00 51 3C C2 50 20 09 00 00 00 09 32
040: 00 5C 5C 90 1E 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 5E 5E 63 18 00 00 00
060: 00 00 BB 32 00 01 01 38 BE 00 00 00 00 00 BD 3A
070: 00 64 64 00 00 00 00 00 00 00 BE 22 00 3C 31 28
080: 00 27 28 42 02 00 C0 32 00 64 64 F3 00 00 00 00
090: 00 00 C1 32 00 01 01 89 01 09 00 00 00 00 C2 22
0A0: 00 28 33 28 00 00 00 02 00 00 C3 1A 00 3D 33 42
0B0: 49 D9 00 00 00 00 C5 12 00 64 64 00 00 00 00 00
0C0: 00 00 C6 10 00 64 64 00 00 00 00 00 00 00 C7 3E
0D0: 00 C8 C8 00 00 00 00 00 00 00 C8 00 00 64 FD 00
0E0: 00 00 00 00 00 00 CA 32 00 64 FD 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 AA 01 00 5B
170: 03 00 01 00 01 54 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 04 04 06 05 06 06 05 06 06 00
190: 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00
1A0: 00 00 CC 0B B8 29 18 05 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 02 00 01 00 00 00 00 00 00 00 DD 51 4E 23 01 00
1D0: 00 00 16 48 05 00 00 00 00 00 00 00 00 00 00 00
1E0: 65 A6 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D4

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 22 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00
070: 00 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
0E0: 00 00 00 00 00 00 CA 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E4

Než budeme pokračovat tak se pokusíme něco udělat s těmi chybami disku

Start - Spustit - napiš cmd Ok
do černého okna napiš příkaz chkdsk /f/r -> "Enter"
souhlas - restart - proběhne kontrola a případná oprava chyb HDD.

Po restartu
Stáhni a nainstaluj MBAM zde http://www.malwarebytes.org/products/malwarebytes_free/
Spustit -> na 3.záložce "Aktualizace" -> Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Rychlá kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení

Byla to bitva, ta věc se každou chvíli náhle vypla, reálně lze něco spustit jen v nouzovém režimu.¨
Log z Mbam:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.05.28.06

Windows XP Service Pack 2 x86 FAT32 (Nouzový režim s podporou sítě)
Internet Explorer 8.0.6001.18702
Acer :: ACER-1F5ADAF30F [administrátor]

Ochrana: Zakázána

28.5.2013 21:22:27
MBAM-log-2013-05-28 (21-39-14).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 246303
Uplynulý čas: 6 minut, 41 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 6
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} (Rogue.WinAntiVirus) -> Nebyla provedena žádná instrukce.
HKLM\System\CurrentControlSet\Services\{DEF85C80-216A-43ab-AF70-1665EDBE2780} (Backdoor.Sinowal) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

MBAM spustit znovu - Kontrolor -> dát Úplná kontrola
po ukončení -> Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Nalezené soubory
C:\Program Files\xxxxxx -> Umístnění do karantény a smazání se zdařilo..(Quarantined and deleted successfully)
ten bych taky rád viděl

Ale obávám se, že se tam jedná i o HW problém - uvidíme

Log po kompletním testu:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.05.28.06

Windows XP Service Pack 2 x86 FAT32 (Nouzový režim s podporou sítě)
Internet Explorer 8.0.6001.18702
Acer :: ACER-1F5ADAF30F [administrátor]

Ochrana: Zakázána

28.5.2013 22:14:22
mbam-log-2013-05-28 (22-14-22).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 350933
Uplynulý čas: 33 minut, 37 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 6
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} (Rogue.WinAntiVirus) -> Přesun do karantény a smazání se zdařilo.
HKLM\System\CurrentControlSet\Services\{DEF85C80-216A-43ab-AF70-1665EDBE2780} (Backdoor.Sinowal) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Program Files\Trend Micro\HijackThis\backups\backup-20100708-173155-632.dll (Adware.Shopper) -> Přesun do karantény a smazání se zdařilo.
C:\System Volume Information\_restore{3DEE47E7-7957-4548-84D4-67319AC0FA06}\RP708\A0358899.exe (Adware.Shopper) -> Přesun do karantény a smazání se zdařilo.
C:\System Volume Information\_restore{3DEE47E7-7957-4548-84D4-67319AC0FA06}\RP708\A0358900.dll (Adware.Shopper) -> Přesun do karantény a smazání se zdařilo.

(konec)

Jak vypadá to vypínání v normálním režimu? restartuje nebo jenom vypne? žádná hláška?
V nouzovém to nedělá?

Doinstaluj SP3 - http://windows.microsoft.com/cs-CZ/wind ... pack-3-sp3

Vypadá hodně dobře, skoro jako normální notebook. Do normálního režimu startuje svižně a svižně se v něm pohybuje (na jeho věk), samovolné vypnutí ani jedno, restarty i vypnutí a zapnutí v pořádku. Neběžel Avast Free, jen se spustil a psal hlášku, že je zastavený, abych ho tlačítkem spustil. To nepomáhalo, tak odinstalace a čistá instalace, teď je v pořádku.
Ve věci SP3 jsem byl trochu iniciativní, z radosti, jak pěkně to běží jsem to ještě v noci stáhl a nainstaloval, vše OK.
Nedokážu ho ale zbavit hlášky "Systém Windows může být ohrožen, nejsou zapnuté automatické aktualizace". Ty ale zapnuté jsou. Odmítá se se mnou bavit i o aktualizacích z webu Windows update, ať zvolím expresní či vlastní, okamžitě skončí a nabídne jen hledání ve FAQ + pár dalších pomocných odkazů. A ještě jedna věc mě tam zaráží: při startu, mezi obrazovkou Windows XP a Vítejte problikne obrazovka s nápisem "RegRun Partizan - Bootwatch AntiRootkit. Greatis Software (c) 2007". Ta je hodně rychlám musel jsem na ní s foťákem.

Zkus mi dát RSIT v normálním režimu

Tady je:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Acer at 2013-05-29 07:44:00
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (32%) free of 36 GB
Total RAM: 502 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:44:20, on 29.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Borland\InterBase\bin\ibguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\prac\RSIT.exe
C:\Program Files\trend micro\Acer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.quick.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE PLEOMAX Web Camera
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HuaWeiEVDO.exe] "C:\Program Files\Huawei technologies\EC500 Mobile Connect\HuaWeiEVDO.exe"
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [GameXN GO] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registration Heroes of Might & Magic 5.LNK = C:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9779513703
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - http://adisepo.mfcr.cz/adistc/adis/idpr ... tsignx.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Firebird Guardian Service (InterBaseGuardian) - FirebirdSQL Project - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: Firebird Server (InterBaseServer) - FirebirdSQL Project - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NEXZJAT - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Acer\LOCALS~1\Temp\NEXZJAT.exe

--
End of file - 8938 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-01-15 330160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-01-15 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-01-15 80304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"preload"=C:\Windows\RUNXMLPL.exe [2005-05-19 32768]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-01-23 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-01-23 126976]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-02-04 708698]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-06-01 192512]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-03-15 2893824]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"PowerKey"=C:\Program Files\Launch Manager\PowerKey.exe [2002-08-30 94208]
"LManager"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-06-06 69632]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2005-07-25 241664]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-07-25 81920]
"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-29 352256]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-03-30 40960]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2011-07-18 225280]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"HuaWeiEVDO.exe"=C:\Program Files\Huawei technologies\EC500 Mobile Connect\HuaWeiEVDO.exe []
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]
"GameXN GO"=C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe /startup []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Documents and Settings\Acer\Nabídka Start\Programy\Po spuštění
Registration Heroes of Might & Magic 5.LNK - C:\Program Files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-01-23 348160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-05-29 01:49:35 ----D---- C:\WINDOWS\Prefetch
2013-05-29 00:59:54 ----N---- C:\WINDOWS\system32\msxml6r.dll
2013-05-29 00:59:27 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-05-29 00:59:27 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-05-29 00:59:27 ----N---- C:\WINDOWS\system32\aaclient.dll
2013-05-29 00:59:26 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-05-29 00:59:26 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-05-29 00:59:26 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-05-29 00:59:26 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-05-29 00:59:26 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-05-29 00:59:25 ----N---- C:\WINDOWS\system32\credssp.dll
2013-05-29 00:59:25 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-05-29 00:59:25 ----N---- C:\WINDOWS\system32\azroles.dll
2013-05-29 00:59:24 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-05-29 00:59:24 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-05-29 00:59:24 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-05-29 00:59:24 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-05-29 00:59:24 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-05-29 00:59:24 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-05-29 00:59:24 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-05-29 00:59:24 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-05-29 00:59:23 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-05-29 00:59:23 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-05-29 00:59:22 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-05-29 00:59:22 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-05-29 00:59:22 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-05-29 00:59:22 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-05-29 00:59:22 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-05-29 00:59:22 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-05-29 00:59:22 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-05-29 00:59:22 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-05-29 00:59:21 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-05-29 00:59:20 ----N---- C:\WINDOWS\system32\ieencode.dll
2013-05-29 00:59:19 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-05-29 00:59:19 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-05-29 00:59:19 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-05-29 00:59:19 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-05-29 00:59:18 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-05-29 00:59:18 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-05-29 00:59:18 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-05-29 00:59:18 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-05-29 00:59:17 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-05-29 00:59:17 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-05-29 00:59:16 ----N---- C:\WINDOWS\system32\napstat.exe
2013-05-29 00:59:16 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-05-29 00:59:16 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-05-29 00:59:16 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-05-29 00:59:16 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-05-29 00:59:16 ----N---- C:\WINDOWS\system32\mssha.dll
2013-05-29 00:59:15 ----N---- C:\WINDOWS\system32\onex.dll
2013-05-29 00:59:15 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2013-05-29 00:59:14 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-05-29 00:59:14 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-05-29 00:59:14 ----N---- C:\WINDOWS\system32\qagent.dll
2013-05-29 00:59:14 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2013-05-29 00:59:13 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-05-29 00:59:13 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-05-29 00:59:13 ----N---- C:\WINDOWS\system32\setupn.exe
2013-05-29 00:59:13 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-05-29 00:59:13 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2013-05-29 00:59:13 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-05-29 00:59:13 ----N---- C:\WINDOWS\system32\qutil.dll
2013-05-29 00:59:12 ----N---- C:\WINDOWS\system32\slserv.exe
2013-05-29 00:59:12 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-05-29 00:59:12 ----N---- C:\WINDOWS\system32\slgen.dll
2013-05-29 00:59:11 ----N---- C:\WINDOWS\system32\tzchange.exe
2013-05-29 00:59:11 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-05-29 00:59:11 ----N---- C:\WINDOWS\system32\tsgqec.dll
2013-05-29 00:59:10 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-05-29 00:59:10 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2013-05-29 00:59:10 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2013-05-29 00:59:09 ----N---- C:\WINDOWS\system32\wmphoto.dll
2013-05-29 00:59:08 ----N---- C:\WINDOWS\slrundll.exe
2013-05-29 00:59:06 ----D---- C:\WINDOWS\l2schemas
2013-05-29 00:59:05 ----D---- C:\WINDOWS\system32\cs
2013-05-29 00:59:04 ----D---- C:\WINDOWS\system32\bits
2013-05-29 00:54:50 ----D---- C:\WINDOWS\ServicePackFiles
2013-05-29 00:50:47 ----D---- C:\WINDOWS\network diagnostic
2013-05-29 00:50:46 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-05-29 00:50:46 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-05-29 00:50:46 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-05-29 00:50:46 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-05-29 00:50:46 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-05-29 00:50:46 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-05-29 00:50:46 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-05-29 00:50:45 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-05-29 00:50:44 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-05-29 00:50:44 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-05-29 00:50:43 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-05-29 00:50:43 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-05-29 00:50:43 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-05-29 00:50:43 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-05-29 00:50:43 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2013-05-29 00:50:42 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-05-29 00:50:42 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-05-29 00:50:42 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-05-29 00:50:42 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-05-29 00:50:42 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-05-29 00:50:42 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-05-29 00:50:42 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-05-29 00:50:42 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-05-29 00:50:41 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-05-29 00:50:40 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-05-29 00:50:40 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-05-29 00:50:40 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-05-29 00:50:40 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2013-05-29 00:50:39 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-05-29 00:50:39 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-05-29 00:50:38 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-05-29 00:50:38 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-05-29 00:50:38 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-05-29 00:50:38 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-05-29 00:50:38 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-05-29 00:50:37 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-05-29 00:50:37 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-05-29 00:50:37 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2013-05-29 00:50:37 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-05-29 00:50:37 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2013-05-29 00:50:36 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-05-29 00:50:36 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-05-29 00:50:36 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-05-29 00:50:36 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-05-29 00:50:36 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-05-29 00:50:36 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-05-29 00:50:36 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-05-29 00:50:35 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-05-29 00:50:35 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-05-29 00:50:35 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-05-29 00:50:35 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-05-29 00:50:35 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-05-29 00:50:35 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-05-29 00:50:34 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-05-29 00:50:34 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-05-29 00:50:34 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-05-29 00:50:34 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-05-29 00:50:34 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-05-29 00:48:27 ----A---- C:\WINDOWS\002713_.tmp
2013-05-29 00:43:01 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2013-05-29 00:42:47 ----D---- C:\WINDOWS\EHome
2013-05-28 23:31:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-05-28 23:31:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-05-28 23:31:30 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-05-28 23:31:28 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-05-28 23:31:27 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-05-28 23:31:27 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-05-28 23:31:26 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-05-28 23:31:25 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-05-28 23:31:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-05-28 23:29:50 ----A---- C:\WINDOWS\avastSS.scr
2013-05-28 23:28:27 ----D---- C:\Program Files\AVAST Software
2013-05-28 23:22:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-05-28 22:59:59 ----ASH---- C:\hiberfil.sys
2013-05-28 20:44:24 ----SHD---- C:\FOUND.060
2013-05-28 20:34:00 ----SHD---- C:\FOUND.059
2013-05-28 19:01:21 ----D---- C:\Documents and Settings\Acer\Data aplikací\Malwarebytes
2013-05-28 19:01:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-05-28 16:35:19 ----A---- C:\AdwCleaner[S1].txt
2013-05-28 16:33:53 ----A---- C:\AdwCleaner[R1].txt
2013-05-28 16:28:36 ----SHD---- C:\FOUND.058
2013-05-28 15:34:52 ----D---- C:\rsit
2013-05-23 20:45:30 ----SHD---- C:\FOUND.057
2013-04-30 10:40:22 ----SHD---- C:\FOUND.056

======List of files/folders modified in the last 1 month======

2013-05-29 06:59:00 ----N---- C:\WINDOWS\system32\eRLog.ini
2013-05-29 06:58:54 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt
2013-05-29 06:58:28 ----A---- C:\WINDOWS\system32\PARTIZAN.TXT
2013-05-29 06:57:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-29 01:51:06 ----A---- C:\WINDOWS\OEWABLog.txt
2013-05-29 01:49:42 ----A---- C:\WINDOWS\setuplog.txt
2013-05-28 22:59:14 ----A---- C:\WINDOWS\ntbtlog.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-05-09 174664]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]
R0 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-05-09 765736]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-05-09 368944]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15.sys;int15.sys; \??\C:\Program Files\Acer\eRecovery\int15.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-15 207232]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-01-23 804317]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-05-10 6144]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 POWERKEY;POWERKEY; \??\C:\Program Files\Launch Manager\POWERKEY.sys []
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-02-04 193216]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S0 ogdsiwkv;ogdsiwkv; C:\WINDOWS\system32\drivers\ooasywux.sys []
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-03-08 88960]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
S3 Partizan;Partizan; C:\WINDOWS\system32\drivers\Partizan.sys [2008-06-05 30946]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 ZSMC302;PLEOMAX Web Camera; C:\WINDOWS\System32\Drivers\usbvm302.sys [2004-03-30 90214]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2005-06-06 1273344]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 InterBaseGuardian;Firebird Guardian Service; C:\Program Files\Borland\InterBase\bin\ibguard.exe [2002-12-12 32768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-01-15 154032]
R3 InterBaseServer;Firebird Server; C:\Program Files\Borland\InterBase\bin\ibserver.exe [2002-12-12 1748992]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 NEXZJAT;NEXZJAT; C:\DOCUME~1\Acer\LOCALS~1\Temp\NEXZJAT.exe [2008-04-30 461696]

-----------------EOF-----------------

Potom
Stáhni "System Look" - http://jpshortstuff.247fixes.com/SystemLook.exe
Spusť jej a do okna zkopíruj Klik na "Look" a po scanu sem zkopíruj výsledek hledání

Hotovo:

SystemLook 30.07.11 by jpshortstuff
Log created at 07:57 on 29/05/2013 by Acer
Administrator - Elevation successful

========== filefind ==========

Searching for "*Partizan*"
C:\WINDOWS\Partizan.log --a---- 12931 bytes [14:48 05/06/2008] [15:05 05/06/2008] 5C7F6BE9105C2B0D7B8BBD3FF9D11F04
C:\WINDOWS\system32\PARTIZAN.TXT --a---- 370 bytes [14:47 05/06/2008] [04:58 29/05/2013] 4A6EC03F10D4B98ADAFCB293AE480E39
C:\WINDOWS\system32\Partizan.exe --a---- 25088 bytes [14:46 05/06/2008] [14:46 05/06/2008] 11DC6C421C2B97A059B3B1BB0CA12A32
C:\WINDOWS\system32\drivers\Partizan.sys --a---- 30946 bytes [14:47 05/06/2008] [14:47 05/06/2008] 2A3A0696A4D9011165FBD7B9DE0112A7

========== regfind ==========

Searching for "Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager]
"BootExecute"="autocheck autochk * Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PARTIZAN]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PARTIZAN\0000]
"Service"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PARTIZAN\0000]
"DeviceDesc"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Partizan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Partizan]
"ImagePath"="system32\drivers\Partizan.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Partizan]
"DisplayName"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Partizan\Enum]
"0"="Root\LEGACY_PARTIZAN\0000"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Session Manager]
"BootExecute"="autocheck autochk * Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PARTIZAN]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PARTIZAN\0000]
"Service"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PARTIZAN\0000]
"DeviceDesc"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Partizan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Partizan]
"ImagePath"="system32\drivers\Partizan.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Partizan]
"DisplayName"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Partizan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Partizan]
"ImagePath"="system32\drivers\Partizan.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Partizan]
"DisplayName"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"="autocheck autochk * Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PARTIZAN]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PARTIZAN\0000]
"Service"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PARTIZAN\0000]
"DeviceDesc"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partizan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partizan]
"ImagePath"="system32\drivers\Partizan.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partizan]
"DisplayName"="Partizan"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partizan\Enum]
"0"="Root\LEGACY_PARTIZAN\0000"

========== folderfind ==========

Searching for "*Partizan*"
No folders found.

-= EOF =-

Tak zase kousek vyčistíme

Stáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Spusť program „OTM.exe“ (pro Vistu a Win7 – pravým a „Run As Administrator“).
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „Moveit!“

Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\ - dej mi ho sem na kontrolu

Script OTM