VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2013-06-15 10:29:36
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 30 GB (65%) free of 46 GB
Total RAM: 3519 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:29:46, on 15.6.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Documents and Settings\Martin\Plocha\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-507921405-117609710-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7765927656
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7658 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\2ryyvvu5.default-1368371723227

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-12 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-12 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-03-22 15517984]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-03-23 1982312]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-10 15473664]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2013-02-18 774168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
REALTEK USB Wireless LAN Utility.lnk - C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler"
"C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"
"C:\Program Files\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe"="C:\Program Files\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe:*:Enabled:RTLDHCP"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\QIP 2012\qip.exe"="C:\Program Files\QIP 2012\qip.exe:*:Enabled:QIP 2012"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll

======List of files/folders created in the last 1 month======

2013-06-15 10:29:36 ----D---- C:\rsit
2013-06-10 11:19:14 ----D---- C:\Documents and Settings\Martin\Data aplikací\Mp3tag
2013-06-10 11:19:02 ----D---- C:\Program Files\Mp3tag
2013-06-10 11:18:40 ----D---- C:\Documents and Settings\Martin\Data aplikací\ID3 renamer
2013-06-09 12:08:56 ----D---- C:\ICQ
2013-06-09 12:08:40 ----D---- C:\Documents and Settings\Martin\Data aplikací\QIP
2013-06-09 12:08:22 ----D---- C:\Program Files\QIP 2012
2013-06-07 03:24:03 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-06-07 01:57:54 ----D---- C:\Documents and Settings\Martin\Data aplikací\PDF Architect
2013-06-07 01:57:05 ----D---- C:\Program Files\PDF Architect
2013-06-07 01:56:42 ----D---- C:\Documents and Settings\Martin\Data aplikací\pdfforge
2013-06-07 01:56:38 ----A---- C:\WINDOWS\system32\pdfcmon.dll
2013-06-07 01:56:35 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2013-06-07 01:56:34 ----D---- C:\Program Files\PDFCreator
2013-06-07 01:43:19 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2013-06-07 01:43:19 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2013-06-07 01:43:12 ----D---- C:\WINDOWS\Logs
2013-06-07 01:43:08 ----D---- C:\Program Files\Winamp Detect
2013-06-07 01:42:30 ----D---- C:\WINDOWS\RegisteredPackages
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\vxblock.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxwma.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxwave.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxsfs.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxmas.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxdrv.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxafs.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2013-06-07 01:42:03 ----N---- C:\WINDOWS\system32\px.dll
2013-06-07 01:41:58 ----D---- C:\Program Files\Winamp
2013-06-07 01:41:58 ----D---- C:\Documents and Settings\Martin\Data aplikací\Winamp
2013-05-18 11:07:13 ----D---- C:\Program Files\Mozilla Firefox
2013-05-17 20:47:43 ----D---- C:\Documents and Settings\Martin\Data aplikací\OpenCandy
2013-05-17 16:07:24 ----D---- C:\Documents and Settings\Martin\Data aplikací\BSplayer Pro
2013-05-17 16:07:24 ----D---- C:\Documents and Settings\Martin\Data aplikací\BSplayer
2013-05-17 16:07:23 ----D---- C:\Program Files\Webteh
2013-05-17 16:00:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVS4YOU
2013-05-17 15:58:53 ----D---- C:\Program Files\Common Files\AVSMedia
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\xvidcore.dll
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\mcdvd_32.dll
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\divx.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\msxml3a.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\msvcr70.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\msvcp70.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\mfc70.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2013-05-17 15:58:41 ----D---- C:\Program Files\AVS4YOU
2013-05-17 00:18:37 ----D---- C:\Temp
2013-05-17 00:15:30 ----D---- C:\Program Files\coolpro2

======List of files/folders modified in the last 1 month======

2013-06-15 10:29:46 ----D---- C:\Program Files\trend micro
2013-06-15 10:29:45 ----D---- C:\WINDOWS\Prefetch
2013-06-15 10:14:02 ----D---- C:\WINDOWS\Temp
2013-06-15 10:13:52 ----SD---- C:\WINDOWS\Tasks
2013-06-15 10:12:38 ----D---- C:\WINDOWS\system32\CatRoot2
2013-06-15 10:11:54 ----D---- C:\WINDOWS
2013-06-15 10:11:54 ----A---- C:\WINDOWS\RTacDbg.txt
2013-06-15 10:11:50 ----D---- C:\WINDOWS\system32\Lang
2013-06-15 00:08:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-06-12 16:25:27 ----D---- C:\WINDOWS\system32
2013-06-12 16:25:26 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-06-10 23:40:28 ----D---- C:\Documents and Settings\Martin\Data aplikací\vlc
2013-06-10 11:19:02 ----RD---- C:\Program Files
2013-06-09 21:00:28 ----HD---- C:\WINDOWS\inf
2013-06-09 12:15:23 ----D---- C:\Documents and Settings\Martin\Data aplikací\Skype
2013-06-08 14:21:01 ----A---- C:\WINDOWS\win.ini
2013-06-08 14:21:01 ----A---- C:\WINDOWS\system.ini
2013-06-07 02:27:21 ----D---- C:\WINDOWS\security
2013-06-07 02:07:52 ----SD---- C:\Documents and Settings\Martin\Data aplikací\Microsoft
2013-06-07 01:57:57 ----SHD---- C:\WINDOWS\Installer
2013-06-07 01:43:22 ----D---- C:\WINDOWS\system32\DirectX
2013-06-07 01:43:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-06-07 01:43:06 ----D---- C:\Program Files\Windows Media Player
2013-06-07 01:43:05 ----D---- C:\WINDOWS\Debug
2013-06-07 01:43:04 ----D---- C:\WINDOWS\system32\drivers
2013-06-06 12:12:12 ----D---- C:\Documents and Settings\Martin\Data aplikací\Canon
2013-05-28 08:58:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-05-20 21:59:41 ----D---- C:\Documents and Settings\Martin\Data aplikací\Audacity
2013-05-18 17:53:19 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-17 20:48:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Freemake
2013-05-17 20:48:17 ----D---- C:\Program Files\Freemake
2013-05-17 15:58:59 ----RSD---- C:\WINDOWS\Fonts
2013-05-17 15:58:53 ----D---- C:\Program Files\Common Files
2013-05-17 15:58:52 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-05-09 174664]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2010-04-09 168040]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-05-09 765736]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-05-09 368944]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2013-05-05 21361]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-10 4064256]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-03-23 12653120]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-03-04 13824]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [2012-11-07 1343760]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-03-04 70912]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [2012-11-07 1343760]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 Freemake Improver;Freemake Improver; C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-05-14 101888]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-04-01 9216]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-05-12 181664]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-03-22 156448]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-23 1259296]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-18 117144]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

-----------------EOF-----------------

Zdravím, copak uděláme s tím nelegálním produktem od Microsoftu ?

odinstaluji.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2013-06-16 14:08:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 32 GB (69%) free of 46 GB
Total RAM: 3519 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:08:29, on 16.6.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Martin\Plocha\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-507921405-117609710-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7765927656
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6628 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\2ryyvvu5.default-1368371723227

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-12 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-12 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-03-22 15517984]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-03-23 1982312]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-10 15473664]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
REALTEK USB Wireless LAN Utility.lnk - C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre7\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler"
"C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe"="C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe:*:Enabled:RtWlan"
"C:\Program Files\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe"="C:\Program Files\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe:*:Enabled:RTLDHCP"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\QIP 2012\qip.exe"="C:\Program Files\QIP 2012\qip.exe:*:Enabled:QIP 2012"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll

======List of files/folders created in the last 1 month======

2013-06-16 13:50:36 ----SHD---- C:\Config.Msi
2013-06-15 10:29:36 ----D---- C:\rsit
2013-06-10 11:19:14 ----D---- C:\Documents and Settings\Martin\Data aplikací\Mp3tag
2013-06-10 11:19:02 ----D---- C:\Program Files\Mp3tag
2013-06-10 11:18:40 ----D---- C:\Documents and Settings\Martin\Data aplikací\ID3 renamer
2013-06-09 12:08:56 ----D---- C:\ICQ
2013-06-09 12:08:40 ----D---- C:\Documents and Settings\Martin\Data aplikací\QIP
2013-06-09 12:08:22 ----D---- C:\Program Files\QIP 2012
2013-06-07 03:24:03 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-06-07 01:57:54 ----D---- C:\Documents and Settings\Martin\Data aplikací\PDF Architect
2013-06-07 01:57:05 ----D---- C:\Program Files\PDF Architect
2013-06-07 01:56:42 ----D---- C:\Documents and Settings\Martin\Data aplikací\pdfforge
2013-06-07 01:56:38 ----A---- C:\WINDOWS\system32\pdfcmon.dll
2013-06-07 01:56:35 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2013-06-07 01:56:34 ----D---- C:\Program Files\PDFCreator
2013-06-07 01:43:19 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2013-06-07 01:43:19 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2013-06-07 01:43:12 ----D---- C:\WINDOWS\Logs
2013-06-07 01:43:08 ----D---- C:\Program Files\Winamp Detect
2013-06-07 01:42:30 ----D---- C:\WINDOWS\RegisteredPackages
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\vxblock.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxwma.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxwave.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxsfs.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxmas.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxdrv.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\pxafs.dll
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2013-06-07 01:42:04 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2013-06-07 01:42:03 ----N---- C:\WINDOWS\system32\px.dll
2013-06-07 01:41:58 ----D---- C:\Program Files\Winamp
2013-06-07 01:41:58 ----D---- C:\Documents and Settings\Martin\Data aplikací\Winamp
2013-05-18 11:07:13 ----D---- C:\Program Files\Mozilla Firefox
2013-05-17 20:47:43 ----D---- C:\Documents and Settings\Martin\Data aplikací\OpenCandy
2013-05-17 16:07:24 ----D---- C:\Documents and Settings\Martin\Data aplikací\BSplayer Pro
2013-05-17 16:07:24 ----D---- C:\Documents and Settings\Martin\Data aplikací\BSplayer
2013-05-17 16:07:23 ----D---- C:\Program Files\Webteh
2013-05-17 16:00:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVS4YOU
2013-05-17 15:58:53 ----D---- C:\Program Files\Common Files\AVSMedia
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\xvidcore.dll
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\mcdvd_32.dll
2013-05-17 15:58:43 ----A---- C:\WINDOWS\system32\divx.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\msxml3a.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\msvcr70.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\msvcp70.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\mfc70.dll
2013-05-17 15:58:42 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2013-05-17 15:58:41 ----D---- C:\Program Files\AVS4YOU
2013-05-17 00:18:37 ----D---- C:\Temp
2013-05-17 00:15:30 ----D---- C:\Program Files\coolpro2

======List of files/folders modified in the last 1 month======

2013-06-16 14:08:27 ----D---- C:\Program Files\trend micro
2013-06-16 14:07:30 ----D---- C:\WINDOWS\Temp
2013-06-16 14:05:45 ----D---- C:\WINDOWS\system32\Lang
2013-06-16 14:05:45 ----D---- C:\WINDOWS
2013-06-16 14:05:45 ----A---- C:\WINDOWS\RTacDbg.txt
2013-06-16 14:05:38 ----SD---- C:\WINDOWS\Tasks
2013-06-16 14:02:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-06-16 14:02:34 ----D---- C:\WINDOWS\system32\CatRoot2
2013-06-16 14:01:30 ----D---- C:\WINDOWS\Prefetch
2013-06-16 13:58:39 ----D---- C:\WINDOWS\Microsoft.NET
2013-06-16 13:58:26 ----SHD---- C:\WINDOWS\Installer
2013-06-16 13:57:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-06-16 13:57:07 ----D---- C:\WINDOWS\assembly
2013-06-16 13:56:55 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-06-16 13:56:54 ----RD---- C:\Program Files
2013-06-16 13:56:54 ----D---- C:\WINDOWS\pchealth
2013-06-16 13:56:54 ----D---- C:\Program Files\Microsoft.NET
2013-06-16 13:56:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-06-16 13:55:50 ----RSD---- C:\WINDOWS\Fonts
2013-06-16 13:54:46 ----D---- C:\WINDOWS\system32
2013-06-16 13:54:45 ----D---- C:\Program Files\Common Files
2013-06-16 13:50:17 ----D---- C:\Program Files\Common Files\System
2013-06-16 13:50:16 ----A---- C:\WINDOWS\win.ini
2013-06-16 13:48:32 ----HD---- C:\WINDOWS\inf
2013-06-15 11:34:46 ----D---- C:\Documents and Settings\Martin\Data aplikací\vlc
2013-06-12 16:25:26 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-06-09 12:15:23 ----D---- C:\Documents and Settings\Martin\Data aplikací\Skype
2013-06-08 14:21:01 ----A---- C:\WINDOWS\system.ini
2013-06-07 02:27:21 ----D---- C:\WINDOWS\security
2013-06-07 02:07:52 ----SD---- C:\Documents and Settings\Martin\Data aplikací\Microsoft
2013-06-07 01:43:22 ----D---- C:\WINDOWS\system32\DirectX
2013-06-07 01:43:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-06-07 01:43:06 ----D---- C:\Program Files\Windows Media Player
2013-06-07 01:43:05 ----D---- C:\WINDOWS\Debug
2013-06-07 01:43:04 ----D---- C:\WINDOWS\system32\drivers
2013-06-06 12:12:12 ----D---- C:\Documents and Settings\Martin\Data aplikací\Canon
2013-05-28 08:58:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-05-20 21:59:41 ----D---- C:\Documents and Settings\Martin\Data aplikací\Audacity
2013-05-18 17:53:19 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-17 20:48:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Freemake
2013-05-17 20:48:17 ----D---- C:\Program Files\Freemake
2013-05-17 15:58:52 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-05-09 174664]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2010-04-09 168040]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-05-09 765736]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-05-09 368944]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2013-05-05 21361]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-10 4064256]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-03-23 12653120]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-03-04 13824]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [2012-11-07 1343760]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-03-04 70912]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\rtwlanu.sys [2012-11-07 1343760]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Freemake Improver;Freemake Improver; C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-05-14 101888]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-04-01 9216]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-05-12 181664]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-03-22 156448]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-23 1259296]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-18 117144]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

ras099 píše:odinstaluji.

Tohle fixni v HJT :

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-507921405-117609710-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

HJT najdeš zde :

C:\Program Files\trend micro\Martin.exe

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo dole klikni na Search.

Po té proběhne sken a po jeho skončení na Tebe vypadne log, který mi sem zkopíruj.


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

# AdwCleaner v2.303 - Log vytvooen 16/06/2013 v 23:37:13
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Martin - MARTINRASZKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Martin\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Martin\Data aplikací\OpenCandy
Složka Nalezeno : C:\Documents and Settings\Martin\Data aplikací\pdfforge

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKLM\Software\Conduit

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v21.0 (cs)

Soubor : C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\2ryyvvu5.default-1368371723227\prefs.js

[OK] Soubor je eistý.

*************************

AdwCleaner[R2].txt - [1338 octets] - [16/06/2013 23:37:13]

########## EOF - C:\AdwCleaner[R2].txt - [1398 octets] ##########

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\AutoKMS.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 643877 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 82014829 bytes
->Flash cache emptied: 1989 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Martin
->Temp folder emptied: 124512616 bytes
->Temporary Internet Files folder emptied: 5932784 bytes
->FireFox cache emptied: 373468427 bytes
->Flash cache emptied: 3615 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 409600 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 560,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 06162013_233940

Files moved on Reboot...
File C:\Documents and Settings\Martin\Local Settings\Temp\Dočasný adresář 2 pro Red-Hot-Chilli-Peppers-10-Albums-(1984-2011)(Rock-Funk-Pop)[JoyTearz].zip\Red Hot Chilli Peppers\1987 - The Uplift Mofo Party Plan\13. Behind The Sun (Instrumental Demo) [24-Bit Digitally Remastered 02].m not found!
File C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...

Znovu spusť AdwCleaner ale tentokrát klikni na Delete,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té na Tebe opět vypadne log který mi sem zkopíruj.


Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.

# AdwCleaner v2.303 - Log vytvooen 18/06/2013 v 00:25:39
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Martin - MARTINRASZKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Martin\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\Martin\Data aplikací\OpenCandy
Složka Vymazáno : C:\Documents and Settings\Martin\Data aplikací\pdfforge

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKLM\Software\Conduit

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v21.0 (cs)

Soubor : C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\2ryyvvu5.default-1368371723227\prefs.js

[OK] Soubor je eistý.

*************************

AdwCleaner[R2].txt - [1467 octets] - [16/06/2013 23:37:13]
AdwCleaner[S2].txt - [1396 octets] - [18/06/2013 00:25:40]

########## EOF - C:\AdwCleaner[S2].txt - [1456 octets] ##########

Bezva uklizeno, jaký je stav PC ?