pomalý pc xp

Zpráva

airplane · #1 Příspěvek od **airplane** » 19 črc 2013 19:29

mam pomaly pc, skoro zabrzdeny, internet aj bezne programy. antivirus hlasi opakovane negativne.
mozete sa na to pozriet? dakujem

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dusan at 2013-07-19 20:20:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (11%) free of 16 GB
Total RAM: 767 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:20:57, on 19.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17128)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\windows\System32\svchost.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\System32\svchost.exe
c:\fotowin\RTETPISv.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\windows\Explorer.EXE
C:\windows\system32\wuauclt.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dusan\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Dusan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com/?src=iehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com/?src=iehome
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0759834062
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: RTE : TAPI (RTETAPIService) - Unknown owner - c:\fotowin\RTETPISv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7834 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore1ce81a8ad8dc9c4.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1003UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1005Core1cd9b565fb43230.job
C:\windows\tasks\Microsoft Antimalware Scheduled Scan.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-18.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1003.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1004.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1005.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-18.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1003.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1004.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1005.job
C:\windows\tasks\ReclaimerResumeInstall_Dusan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default

prefs.js - "browser.startup.homepage" - "http://isearch.glarysoft.com/?src=ffhome"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?src=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{0153E448-190B-4987-BDE1-F256CADA672F}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npDivxPlayerPlugin.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpplugin.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-13 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~2\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-16 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-26 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-04-15 4529272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-16 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-16 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-26 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Anvshell"=C:\windows\anvshell.exe [2003-05-29 348160]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"SBDrvDet"=C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe [2002-12-03 45056]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-04-05 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-04-05 77824]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-04-05 114688]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2002-01-20 35252]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2008-05-16 86016]
"CTSysVol"=C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe [2002-10-29 49152]
"CTDVDDet"=C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE [2002-09-30 45056]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2012-09-13 296096]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"=C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2003-02-26 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\windows\system32\cthelper.exe [2003-04-10 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter]
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe [2002-11-21 135168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Common Files\RTE\RTEGPRS.exe [2004-09-28 2228224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Skype C2C Service"=2
"AdvancedSystemCareService6"=2
"!SASCORE"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2005-04-05 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\new family\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\new family\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MP42"=mpg4c32.dll
"VIDC.MPG4"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.ac3filter"=ac3filter.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.VP80"=vp8vfw.dll

======List of files/folders created in the last 1 month======

2013-07-19 20:20:17 ----D---- C:\Program Files\trend micro
2013-07-19 20:20:16 ----D---- C:\rsit
2013-07-19 01:02:50 ----SHD---- C:\RECYCLER
2013-07-19 00:56:28 ----D---- C:\windows\temp
2013-07-19 00:56:25 ----A---- C:\ComboFix.txt

======List of files/folders modified in the last 1 month======

2013-07-19 20:20:17 ----RD---- C:\Program Files
2013-07-19 19:46:26 ----SD---- C:\windows\Tasks
2013-07-19 19:19:39 ----D---- C:\windows\system32\CatRoot2
2013-07-19 19:02:26 ----D---- C:\WINDOWS
2013-07-19 00:56:27 ----D---- C:\Qoobox
2013-07-19 00:52:09 ----A---- C:\windows\system.ini
2013-07-19 00:48:37 ----D---- C:\windows\system32\drivers
2013-07-19 00:48:37 ----D---- C:\windows\system32
2013-07-19 00:48:37 ----D---- C:\windows\AppPatch
2013-07-19 00:48:35 ----D---- C:\Program Files\Common Files
2013-07-19 00:01:12 ----D---- C:\windows\Prefetch
2013-07-18 23:19:20 ----D---- C:\Program Files\Mozilla Firefox
2013-07-18 22:03:09 ----SHD---- C:\windows\Installer
2013-07-15 20:32:56 ----D---- C:\windows\system32\config
2013-07-13 23:16:55 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-06-27 22:25:46 ----D---- C:\windows\inf
2013-06-27 19:33:48 ----D---- C:\WinFast WorkArea
2013-06-27 18:59:05 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Daemon;Daemon; C:\windows\system32\DRIVERS\daemon.sys [2002-01-19 71968]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\windows\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\windows\system32\DRIVERS\PxHelp20.sys [2010-03-31 44944]
R1 ANVIOCTL;ANVIOCTL; C:\windows\system32\DRIVERS\anvioctl.sys [2003-05-19 233280]
R1 asuskbnt;asuskbnt; C:\windows\system32\DRIVERS\asuskbnt.sys [2003-04-24 17150]
R1 intelppm;Intel Processor Driver; C:\windows\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\windows\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 irda;IrDA Protocol; C:\windows\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 PfModNT;PfModNT; \??\C:\windows\system32\drivers\PfModNT.sys []
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\windows\system32\drivers\wf88vcap.sys [2004-10-18 208851]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\windows\system32\drivers\WF88XBAR.sys [2005-03-03 10324]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\windows\system32\drivers\WF88TUNE.sys [2004-10-18 34789]
R3 Arp1394;1394 ARP Client Protocol; C:\windows\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 cmuda;C-Media WDM Audio Interface; C:\windows\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 ctac32k;Creative AC3 Software Decoder; C:\windows\System32\drivers\ctac32k.sys [2003-03-25 134656]
R3 ctaud2k;Creative Audio Driver (WDM); C:\windows\system32\drivers\ctaud2k.sys [2003-04-11 502160]
R3 ctgame;Game Port; C:\windows\system32\DRIVERS\ctgame.sys [2002-12-30 12160]
R3 ctprxy2k;Creative Proxy Driver; C:\windows\System32\drivers\ctprxy2k.sys [2003-03-25 6144]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\windows\System32\drivers\ctsfm2k.sys [2003-03-25 135696]
R3 emupia;E-mu Plug-in Architecture Driver; C:\windows\System32\drivers\emupia2k.sys [2003-03-25 144736]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\windows\System32\drivers\ha10kx2k.sys [2003-04-03 850880]
R3 hap16v2k;Creative P16V HAL Driver; C:\windows\System32\drivers\hap16v2k.sys [2003-04-01 142752]
R3 ialm;ialm; C:\windows\system32\DRIVERS\ialmnt5.sys [2005-04-05 830684]
R3 NIC1394;1394 Net Driver; C:\windows\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 ossrv;Creative OS Services Driver; C:\windows\system32\drivers\ctoss2k.sys [2003-03-25 190176]
R3 Rasirda;WAN Miniport (IrDA); C:\windows\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 hhxyfpnb;hhxyfpnb; C:\windows\System32\drivers\gagcu.sys []
S1 MpKsle2170561;MpKsle2170561; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4C1F67CC-71C3-4577-9DFB-D2E14694752A}\MpKsle2170561.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Dusan\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
S3 hidusb;Microsoft HID Class Driver; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Mouse HID Driver; C:\windows\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\windows\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2009-09-13 47360]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\windows\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB Audio Driver (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgusbbus.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VMUVC;Vimicro Camera Service VMUVC; C:\windows\System32\Drivers\VMUVC.sys []
S3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\windows\system32\drivers\vvftUVC.sys []
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 Irmon;Infrared Monitor; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2008-05-16 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 RTETAPIService;RTE : TAPI; c:\fotowin\RTETPISv.exe [2000-11-07 49152]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-22 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-13 257416]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-20 194032]
S3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
S4 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]

-----------------EOF-----------------

-------------------------------------

-------------------------------------

#2 Příspěvek od **Rudy** » 19 črc 2013 19:53

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte na Search (hledat)
Proběhne skenováni a pak se objeví log, který sem vložte.

airplane · #3 Příspěvek od **airplane** » 19 črc 2013 20:57

# AdwCleaner v2.306 - Logfile created 07/19/2013 at 21:52:39
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Dusan - PEACE
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Dusan\desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Documents and Settings\All Users\Application Data\Mozilla FireFox\searchplugins\fast.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\fast-browser-search.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-1.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-10.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-2.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-3.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-4.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-5.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-6.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-7.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-8.xml
File Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-9.xml
Folder Found : C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default\SweetIMToolbarData
Folder Found : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Program Files\file scout

***** [Registry] *****

Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17128

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.glarysoft.com/?src=iehome
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.glarysoft.com/?src=iehome

-\\ Mozilla Firefox v21.0 (sk)

File : C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default\prefs.js

Found : user_pref("browser.startup.homepage", "hxxp://isearch.glarysoft.com/?src=ffhome");
Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.babExt", "");
Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=100489");
Found : user_pref("extensions.BabylonToolbar.bbDpng", 15);
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Found : user_pref("extensions.BabylonToolbar.hmpg", false);
Found : user_pref("extensions.BabylonToolbar.id", "6866740300000000000000196697470e");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15343");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.lastDP", 15);
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1723:58:42");
Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "6.0");
Found : user_pref("extensions.BabylonToolbar.newTab", true);
Found : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Found : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.propectorlck", 67879242);
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Found : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1723:58:42");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100489");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "6866740300000000000000196697470e");
Found : user_pref("extensions.BabylonToolbar_i.id", "6866740300000000000000196697470e");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15343");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1723:58:42");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.searchguard.enable", "true");
Found : user_pref("sweetim.toolbar.simapp_id", "{DC97C52D-F690-489D-8716-2F83FEA0504D}");

File : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\prefs.js

Found : user_pref("browser.search.defaulturl", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&[...]
Found : user_pref("browser.search.order.1", "Fast Browser Search");
Found : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Found : user_pref("icqtoolbar.allowSendURL", false);
Found : user_pref("icqtoolbar.engineVerified", false);
Found : user_pref("icqtoolbar.geolastmodified", 1367618989);
Found : user_pref("icqtoolbar.hiddenElements", "itb_options");
Found : user_pref("icqtoolbar.history", "according%20greta||simpsonovi%20ke%20shlednuti%20zdarma||simpsonovc[...]
Found : user_pref("icqtoolbar.icqgeo", 4201);
Found : user_pref("icqtoolbar.installTime", "1333999751");
Found : user_pref("icqtoolbar.installsource", "1");
Found : user_pref("icqtoolbar.newtab_state", "1");
Found : user_pref("icqtoolbar.numberOfSearches", 0);
Found : user_pref("icqtoolbar.previousFFVersion", "20.0.1");
Found : user_pref("icqtoolbar.removedsitescount", 24);
Found : user_pref("icqtoolbar.skip_default_search", "no");
Found : user_pref("icqtoolbar.uniqueID", "127991676912799170161280330445371");
Found : user_pref("icqtoolbar.usageStatstTimestamp", 1367618995);
Found : user_pref("icqtoolbar.version", "2.0.1.6");
Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Found : user_pref("icqtoolbar.voucherWasShown", 0);
Found : user_pref("icqtoolbar.xmlLanguage", "sk");
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.6&q="[...]

File : C:\Documents and Settings\new family\Application Data\Mozilla\Firefox\Profiles\siqbch5f.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v28.0.1500.72

File : C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found [l.2239] : homepage = "hxxp://isearch.glarysoft.com/?src=gchome",

File : C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\new family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [10982 octets] - [19/07/2013 21:52:39]

########## EOF - C:\AdwCleaner[R1].txt - [11043 octets] ##########

#4 Příspěvek od **Rudy** » 19 črc 2013 20:59

Spusťte znovu ADWCleaner a klikněte na >Delete< (smazat). Vložte nový log.

airplane · #5 Příspěvek od **airplane** » 19 črc 2013 21:35

# AdwCleaner v2.306 - Logfile created 07/19/2013 at 22:15:56
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Dusan - PEACE
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Dusan\desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\All Users\Application Data\Mozilla FireFox\searchplugins\fast.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\fast-browser-search.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\searchplugins\icqplugin-9.xml
Folder Deleted : C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default\SweetIMToolbarData
Folder Deleted : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Deleted : C:\Program Files\file scout

***** [Registry] *****

Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17128

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.glarysoft.com/?src=iehome --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.glarysoft.com/?src=iehome --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (sk)

File : C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default\prefs.js

C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default\user.js ... Deleted !

Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.glarysoft.com/?src=ffhome");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100489");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 15);
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "6866740300000000000000196697470e");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15343");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 15);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1723:58:42");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "6.0");
Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 67879242);
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1723:58:42");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100489");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "6866740300000000000000196697470e");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "6866740300000000000000196697470e");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15343");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1723:58:42");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{DC97C52D-F690-489D-8716-2F83FEA0504D}");

File : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\prefs.js

C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaulturl", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&[...]
Deleted : user_pref("browser.search.order.1", "Fast Browser Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Deleted : user_pref("icqtoolbar.allowSendURL", false);
Deleted : user_pref("icqtoolbar.engineVerified", false);
Deleted : user_pref("icqtoolbar.geolastmodified", 1367618989);
Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Deleted : user_pref("icqtoolbar.history", "according%20greta||simpsonovi%20ke%20shlednuti%20zdarma||simpsonovc[...]
Deleted : user_pref("icqtoolbar.icqgeo", 4201);
Deleted : user_pref("icqtoolbar.installTime", "1333999751");
Deleted : user_pref("icqtoolbar.installsource", "1");
Deleted : user_pref("icqtoolbar.newtab_state", "1");
Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Deleted : user_pref("icqtoolbar.previousFFVersion", "20.0.1");
Deleted : user_pref("icqtoolbar.removedsitescount", 24);
Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Deleted : user_pref("icqtoolbar.uniqueID", "127991676912799170161280330445371");
Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1367618995);
Deleted : user_pref("icqtoolbar.version", "2.0.1.6");
Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Deleted : user_pref("icqtoolbar.xmlLanguage", "sk");
Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.6&q="[...]

File : C:\Documents and Settings\new family\Application Data\Mozilla\Firefox\Profiles\siqbch5f.default\prefs.js

C:\Documents and Settings\new family\Application Data\Mozilla\Firefox\Profiles\siqbch5f.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v28.0.1500.72

File : C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.2239] : homepage = "hxxp://isearch.glarysoft.com/?src=gchome",

File : C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\new family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [11113 octets] - [19/07/2013 21:52:39]
AdwCleaner[R2].txt - [11174 octets] - [19/07/2013 22:15:18]
AdwCleaner[S1].txt - [11764 octets] - [19/07/2013 22:15:56]

########## EOF - C:\AdwCleaner[S1].txt - [11825 octets] ##########

#6 Příspěvek od **Rudy** » 19 črc 2013 21:38

Dejte nový log RSIT.

airplane · #7 Příspěvek od **airplane** » 19 črc 2013 21:40

# AdwCleaner v2.306 - Logfile created 07/19/2013 at 22:37:04
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Dusan - PEACE
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Dusan\desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17128

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (sk)

File : C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\h9n1laz9.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\new family\Application Data\Mozilla\Firefox\Profiles\siqbch5f.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v28.0.1500.72

File : C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\new family\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [11113 octets] - [19/07/2013 21:52:39]
AdwCleaner[R2].txt - [11174 octets] - [19/07/2013 22:15:18]
AdwCleaner[R3].txt - [1552 octets] - [19/07/2013 22:37:04]
AdwCleaner[S1].txt - [11895 octets] - [19/07/2013 22:15:56]

########## EOF - C:\AdwCleaner[R3].txt - [1673 octets] ##########

......rsit pridam...

#8 Příspěvek od **Rudy** » 19 črc 2013 21:41

Já potřebuji RSIT: http://forum.viry.cz/viewtopic.php?f=24&t=130784 . Tohle je sken ADW.

airplane · #9 Příspěvek od **airplane** » 19 črc 2013 21:44

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dusan at 2013-07-19 22:41:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (11%) free of 16 GB
Total RAM: 767 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:42:20, on 19.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17128)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\windows\System32\svchost.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\System32\svchost.exe
c:\fotowin\RTETPISv.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\windows\system32\wuauclt.exe
C:\windows\Explorer.EXE
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\windows\system32\wuauclt.exe
C:\Documents and Settings\Dusan\Desktop\adwcleaner.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\Dusan\Desktop\RSIT.exe
C:\Program Files\trend micro\Dusan.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0759834062
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: RTE : TAPI (RTETAPIService) - Unknown owner - c:\fotowin\RTETPISv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7540 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore1ce81a8ad8dc9c4.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1003UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1005Core1cd9b565fb43230.job
C:\windows\tasks\Microsoft Antimalware Scheduled Scan.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-18.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1003.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1004.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1005.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-18.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1003.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1004.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1005.job
C:\windows\tasks\ReclaimerResumeInstall_Dusan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default

prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{0153E448-190B-4987-BDE1-F256CADA672F}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npDivxPlayerPlugin.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpplugin.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-13 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~2\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-16 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-26 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-16 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-16 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-26 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Anvshell"=C:\windows\anvshell.exe [2003-05-29 348160]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"SBDrvDet"=C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe [2002-12-03 45056]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-04-05 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-04-05 77824]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-04-05 114688]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2002-01-20 35252]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2008-05-16 86016]
"CTSysVol"=C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe [2002-10-29 49152]
"CTDVDDet"=C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE [2002-09-30 45056]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2012-09-13 296096]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"=C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2003-02-26 90112]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-08-02 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\windows\system32\cthelper.exe [2003-04-10 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter]
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe [2002-11-21 135168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Common Files\RTE\RTEGPRS.exe [2004-09-28 2228224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Skype C2C Service"=2
"AdvancedSystemCareService6"=2
"!SASCORE"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2005-04-05 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\new family\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\new family\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MP42"=mpg4c32.dll
"VIDC.MPG4"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.ac3filter"=ac3filter.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.VP80"=vp8vfw.dll

======List of files/folders created in the last 1 month======

2013-07-19 22:37:04 ----A---- C:\AdwCleaner[R3].txt
2013-07-19 22:15:56 ----A---- C:\AdwCleaner[S1].txt
2013-07-19 22:15:18 ----A---- C:\AdwCleaner[R2].txt
2013-07-19 21:52:39 ----A---- C:\AdwCleaner[R1].txt
2013-07-19 20:20:17 ----D---- C:\Program Files\trend micro
2013-07-19 20:20:16 ----D---- C:\rsit
2013-07-19 01:02:50 ----SHD---- C:\RECYCLER
2013-07-19 00:56:28 ----D---- C:\windows\temp
2013-07-19 00:56:25 ----A---- C:\ComboFix.txt
2013-07-18 23:16:39 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-07-19 22:36:24 ----SD---- C:\windows\Tasks
2013-07-19 22:31:40 ----RD---- C:\Program Files
2013-07-19 22:23:15 ----D---- C:\windows\system32\CatRoot2
2013-07-19 19:02:26 ----D---- C:\WINDOWS
2013-07-19 00:56:27 ----D---- C:\Qoobox
2013-07-19 00:52:09 ----A---- C:\windows\system.ini
2013-07-19 00:48:37 ----D---- C:\windows\system32\drivers
2013-07-19 00:48:37 ----D---- C:\windows\system32
2013-07-19 00:48:37 ----D---- C:\windows\AppPatch
2013-07-19 00:48:35 ----D---- C:\Program Files\Common Files
2013-07-19 00:01:12 ----D---- C:\windows\Prefetch
2013-07-18 22:03:09 ----SHD---- C:\windows\Installer
2013-07-15 20:32:56 ----D---- C:\windows\system32\config
2013-07-13 23:16:55 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-06-27 22:25:46 ----D---- C:\windows\inf
2013-06-27 19:33:48 ----D---- C:\WinFast WorkArea
2013-06-27 18:59:05 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Daemon;Daemon; C:\windows\system32\DRIVERS\daemon.sys [2002-01-19 71968]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\windows\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\windows\system32\DRIVERS\PxHelp20.sys [2010-03-31 44944]
R1 ANVIOCTL;ANVIOCTL; C:\windows\system32\DRIVERS\anvioctl.sys [2003-05-19 233280]
R1 asuskbnt;asuskbnt; C:\windows\system32\DRIVERS\asuskbnt.sys [2003-04-24 17150]
R1 intelppm;Intel Processor Driver; C:\windows\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\windows\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 irda;IrDA Protocol; C:\windows\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 PfModNT;PfModNT; \??\C:\windows\system32\drivers\PfModNT.sys []
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\windows\system32\drivers\wf88vcap.sys [2004-10-18 208851]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\windows\system32\drivers\WF88XBAR.sys [2005-03-03 10324]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\windows\system32\drivers\WF88TUNE.sys [2004-10-18 34789]
R3 Arp1394;1394 ARP Client Protocol; C:\windows\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 cmuda;C-Media WDM Audio Interface; C:\windows\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 ctac32k;Creative AC3 Software Decoder; C:\windows\System32\drivers\ctac32k.sys [2003-03-25 134656]
R3 ctaud2k;Creative Audio Driver (WDM); C:\windows\system32\drivers\ctaud2k.sys [2003-04-11 502160]
R3 ctgame;Game Port; C:\windows\system32\DRIVERS\ctgame.sys [2002-12-30 12160]
R3 ctprxy2k;Creative Proxy Driver; C:\windows\System32\drivers\ctprxy2k.sys [2003-03-25 6144]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\windows\System32\drivers\ctsfm2k.sys [2003-03-25 135696]
R3 emupia;E-mu Plug-in Architecture Driver; C:\windows\System32\drivers\emupia2k.sys [2003-03-25 144736]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\windows\System32\drivers\ha10kx2k.sys [2003-04-03 850880]
R3 hap16v2k;Creative P16V HAL Driver; C:\windows\System32\drivers\hap16v2k.sys [2003-04-01 142752]
R3 ialm;ialm; C:\windows\system32\DRIVERS\ialmnt5.sys [2005-04-05 830684]
R3 NIC1394;1394 Net Driver; C:\windows\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 ossrv;Creative OS Services Driver; C:\windows\system32\drivers\ctoss2k.sys [2003-03-25 190176]
R3 Rasirda;WAN Miniport (IrDA); C:\windows\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 hhxyfpnb;hhxyfpnb; C:\windows\System32\drivers\gagcu.sys []
S1 MpKsle2170561;MpKsle2170561; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4C1F67CC-71C3-4577-9DFB-D2E14694752A}\MpKsle2170561.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Dusan\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
S3 hidusb;Microsoft HID Class Driver; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Mouse HID Driver; C:\windows\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\windows\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2009-09-13 47360]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\windows\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB Audio Driver (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgusbbus.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VMUVC;Vimicro Camera Service VMUVC; C:\windows\System32\Drivers\VMUVC.sys []
S3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\windows\system32\drivers\vvftUVC.sys []
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 Irmon;Infrared Monitor; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2008-05-16 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 RTETAPIService;RTE : TAPI; c:\fotowin\RTETPISv.exe [2000-11-07 49152]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-22 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-13 257416]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-20 194032]
S3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
S4 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]

-----------------EOF-----------------

#10 Příspěvek od **Rudy** » 19 črc 2013 22:07

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\Google\GoogleToolbarNotifier
C:\Program Files\Google\Google Toolbar
C:\windows\tasks\GoogleUpdateTaskMachineCore1ce81a8ad8dc9c4.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1003UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-842925246-725345543-1005Core1cd9b565fb43230.job
C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
C:\windows\System32\drivers\gagcu.sys

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"swg"=-

:services
hhxyfpnb
Skype C2C Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

airplane · #11 Příspěvek od **airplane** » 19 črc 2013 22:56

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dusan at 2013-07-19 23:51:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (15%) free of 16 GB
Total RAM: 767 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:52:40, on 19.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17128)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\windows\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\system32\nvsvc32.exe
C:\windows\System32\svchost.exe
c:\fotowin\RTETPISv.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\windows\system32\wuauclt.exe
C:\windows\Explorer.EXE
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\windows\system32\ctfmon.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dusan\Desktop\RSIT.exe
C:\Program Files\trend micro\Dusan.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0759834062
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: RTE : TAPI (RTETAPIService) - Unknown owner - c:\fotowin\RTETPISv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7039 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\Microsoft Antimalware Scheduled Scan.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-18.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1003.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1004.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-842925246-725345543-1005.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-18.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1003.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1004.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-842925246-725345543-1005.job
C:\windows\tasks\ReclaimerResumeInstall_Dusan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Dusan\Application Data\Mozilla\Firefox\Profiles\c844nadz.default

prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npDivxPlayerPlugin.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpplugin.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~2\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-16 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-16 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Anvshell"=C:\windows\anvshell.exe [2003-05-29 348160]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"SBDrvDet"=C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe [2002-12-03 45056]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-04-05 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-04-05 77824]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-04-05 114688]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2002-01-20 35252]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2008-05-16 86016]
"CTSysVol"=C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe [2002-10-29 49152]
"CTDVDDet"=C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE [2002-09-30 45056]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2012-09-13 296096]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"=C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2003-02-26 90112]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\windows\system32\cthelper.exe [2003-04-10 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter]
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe [2002-11-21 135168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTEGPRS]
C:\Program Files\Common Files\RTE\RTEGPRS.exe [2004-09-28 2228224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Skype C2C Service"=2
"AdvancedSystemCareService6"=2
"!SASCORE"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2005-04-05 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\new family\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\new family\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Dusan\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MP42"=mpg4c32.dll
"VIDC.MPG4"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.ac3filter"=ac3filter.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.VP80"=vp8vfw.dll

======List of files/folders created in the last 1 month======

2013-07-19 23:43:51 ----D---- C:\_OTM
2013-07-19 22:37:04 ----A---- C:\AdwCleaner[R3].txt
2013-07-19 22:15:56 ----A---- C:\AdwCleaner[S1].txt
2013-07-19 22:15:18 ----A---- C:\AdwCleaner[R2].txt
2013-07-19 21:52:39 ----A---- C:\AdwCleaner[R1].txt
2013-07-19 20:20:17 ----D---- C:\Program Files\trend micro
2013-07-19 20:20:16 ----D---- C:\rsit
2013-07-19 01:02:50 ----SHD---- C:\RECYCLER
2013-07-19 00:56:28 ----D---- C:\windows\temp
2013-07-19 00:56:25 ----A---- C:\ComboFix.txt
2013-07-18 23:16:39 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-07-19 23:52:05 ----D---- C:\windows\Prefetch
2013-07-19 23:45:02 ----D---- C:\windows\system32\CatRoot2
2013-07-19 23:44:45 ----D---- C:\windows\system32
2013-07-19 23:43:53 ----SD---- C:\windows\Tasks
2013-07-19 23:43:53 ----D---- C:\Program Files\Google
2013-07-19 22:31:40 ----RD---- C:\Program Files
2013-07-19 19:02:26 ----D---- C:\WINDOWS
2013-07-19 00:56:27 ----D---- C:\Qoobox
2013-07-19 00:52:09 ----A---- C:\windows\system.ini
2013-07-19 00:48:37 ----D---- C:\windows\system32\drivers
2013-07-19 00:48:37 ----D---- C:\windows\AppPatch
2013-07-19 00:48:35 ----D---- C:\Program Files\Common Files
2013-07-18 22:03:09 ----SHD---- C:\windows\Installer
2013-07-15 20:32:56 ----D---- C:\windows\system32\config
2013-07-13 23:16:55 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-06-27 22:25:46 ----D---- C:\windows\inf
2013-06-27 19:33:48 ----D---- C:\WinFast WorkArea
2013-06-27 18:59:05 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Daemon;Daemon; C:\windows\system32\DRIVERS\daemon.sys [2002-01-19 71968]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\windows\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\windows\system32\DRIVERS\PxHelp20.sys [2010-03-31 44944]
R1 ANVIOCTL;ANVIOCTL; C:\windows\system32\DRIVERS\anvioctl.sys [2003-05-19 233280]
R1 asuskbnt;asuskbnt; C:\windows\system32\DRIVERS\asuskbnt.sys [2003-04-24 17150]
R1 intelppm;Intel Processor Driver; C:\windows\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\windows\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 irda;IrDA Protocol; C:\windows\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 PfModNT;PfModNT; \??\C:\windows\system32\drivers\PfModNT.sys []
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\windows\system32\drivers\wf88vcap.sys [2004-10-18 208851]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\windows\system32\drivers\WF88XBAR.sys [2005-03-03 10324]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\windows\system32\drivers\WF88TUNE.sys [2004-10-18 34789]
R3 Arp1394;1394 ARP Client Protocol; C:\windows\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 cmuda;C-Media WDM Audio Interface; C:\windows\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 ctac32k;Creative AC3 Software Decoder; C:\windows\System32\drivers\ctac32k.sys [2003-03-25 134656]
R3 ctaud2k;Creative Audio Driver (WDM); C:\windows\system32\drivers\ctaud2k.sys [2003-04-11 502160]
R3 ctgame;Game Port; C:\windows\system32\DRIVERS\ctgame.sys [2002-12-30 12160]
R3 ctprxy2k;Creative Proxy Driver; C:\windows\System32\drivers\ctprxy2k.sys [2003-03-25 6144]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\windows\System32\drivers\ctsfm2k.sys [2003-03-25 135696]
R3 emupia;E-mu Plug-in Architecture Driver; C:\windows\System32\drivers\emupia2k.sys [2003-03-25 144736]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\windows\System32\drivers\ha10kx2k.sys [2003-04-03 850880]
R3 hap16v2k;Creative P16V HAL Driver; C:\windows\System32\drivers\hap16v2k.sys [2003-04-01 142752]
R3 ialm;ialm; C:\windows\system32\DRIVERS\ialmnt5.sys [2005-04-05 830684]
R3 NIC1394;1394 Net Driver; C:\windows\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\windows\System32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 ossrv;Creative OS Services Driver; C:\windows\system32\drivers\ctoss2k.sys [2003-03-25 190176]
R3 Rasirda;WAN Miniport (IrDA); C:\windows\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 MpKsle2170561;MpKsle2170561; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4C1F67CC-71C3-4577-9DFB-D2E14694752A}\MpKsle2170561.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Dusan\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
S3 hidusb;Microsoft HID Class Driver; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 mouhid;Mouse HID Driver; C:\windows\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\windows\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2009-09-13 47360]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\windows\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB Audio Driver (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgusbbus.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VMUVC;Vimicro Camera Service VMUVC; C:\windows\System32\Drivers\VMUVC.sys []
S3 vvftUVC;Vimicro Camera Filter Service VMUVC; C:\windows\system32\drivers\vvftUVC.sys []
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 Irmon;Infrared Monitor; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2008-05-16 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 RTETAPIService;RTE : TAPI; c:\fotowin\RTETPISv.exe [2000-11-07 49152]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-22 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-13 257416]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-20 194032]
S3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
S4 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2013-01-15 465216]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#12 Příspěvek od **Rudy** » 20 črc 2013 10:08

Dvouklikem na soubor C:\Program Files\trend micro\Dusan.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Doporučuji přesunout některá data na jiné úložiště, příp. odinstalovat nepoužívané programy. 2GB volného místa ny systémovém disku je opravdu málo.

airplane · #13 Příspěvek od **airplane** » 22 črc 2013 22:23

dakujem za spolupracu, je to lepsie...
aj ked by som uvital este vyssiu rychlost. skusim odinstalovat max co sa da...

airplane

#14 Příspěvek od **Rudy** » 23 črc 2013 17:14

OK. Dejte vědět. Po odinstalaci by bylo vhodné provést defragmentaci disku.

VIRY.CZ

pomalý pc xp

pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp

Re: pomalý pc xp