Spomalený Notebook

Zpráva

Dedik · #1 Příspěvek od **Dedik** » 08 srp 2013 11:06

Zdravím,

pár dní dozadu, sa mi rapídne spomalil notebook. Spúšta sa asi 3x tak dlho, všetko mu nesmietrne trvá. Testoval som RAM aj HDD všetko prebehlo ok takže predpokladám, že hardware-om ti nie je. Taktiež som pred pár dňami nainštaloval (a po pár mnútach aj odinštaloval iLivid). Našiel som tu pár postov kde ste riešili problém s týmto softom ale užívateľ používal Win 7 (ja mám XP). Skúšal som Spybot, kontrolu pred štartom od Avastu a NOD ale všetko bez nejakého rozumného výsledku.

Prikladám log s RSIT a prosím o kontrolu:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Xerno at 2013-08-08 11:47:01
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 25 GB (32%) free of 76 GB
Total RAM: 1022 MB (24% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-10 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Xerno\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-03-16 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Documents and Settings\Xerno\Data aplikací\FlashGetBHO\FlashGetBHO.dll [2012-01-06 149128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-10 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-15 761945]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-07 850704]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-28 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2013-05-08 44128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe [2012-03-15 3090056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-04-14 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2013-04-19 1631144]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Post-it® Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-03-09 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\KN_StrongDC\StrongDC.exe"="C:\Program Files\KN_StrongDC\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Disabled:Quiet Internet Pager"
"C:\Program Files\Maple 11\jre\bin\maple.exe"="C:\Program Files\Maple 11\jre\bin\maple.exe:*:Enabled:Maple 11"
"C:\Program Files\Maple 11\jre\bin\java.exe"="C:\Program Files\Maple 11\jre\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\MATLAB\R2007a\bin\win32\MATLAB.exe"="C:\Program Files\MATLAB\R2007a\bin\win32\MATLAB.exe:*:Enabled:MATLAB"
"C:\Program Files\Maple 12\jre\bin\maple.exe"="C:\Program Files\Maple 12\jre\bin\maple.exe:*:Enabled:Maple 12"
"C:\Program Files\Maple 12\jre\bin\java.exe"="C:\Program Files\Maple 12\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe"="C:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe:*:Enabled:Mobile Connect"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"D:\Games\Warcraft III\War3.exe"="D:\Games\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\orbixd.exe"="C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\orbixd.exe:*:Enabled:orbixd"
"C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\CNEXT.exe"="C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\CNEXT.exe:*:Enabled:CATIA"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\UGS\NX 4.0\UGII\ugraf.exe"="C:\Program Files\UGS\NX 4.0\UGII\ugraf.exe:*:Enabled:NX Component"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\terraria\TerrariaServer.exe"="C:\Program Files\Steam\steamapps\common\terraria\TerrariaServer.exe:*:Enabled:Terraria"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\VideoLAN\VLC3\vlc.exe"="C:\Program Files\VideoLAN\VLC3\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00d73ffc-d3e4-11dd-ad1b-001c26b55d49}]
shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{35ec175a-708a-11de-ae7e-001c26b55d49}]
shell\AutoRun\command - H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8caea1fa-b29a-11de-aefd-001c26b55d49}]
shell\AutoRun\command - H:\LaunchU3.exe -a

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2013-08-08 11:47:04 ----D---- C:\Program Files\trend micro
2013-08-08 11:47:01 ----D---- C:\rsit
2013-08-07 13:15:01 ----D---- C:\Program Files\Google
2013-08-07 13:14:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-08-07 13:11:09 ----SHD---- C:\Config.Msi
2013-08-07 13:05:55 ----D---- C:\Program Files\AVAST Software
2013-08-07 13:05:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-08-07 10:03:01 ----D---- C:\Program Files\Western Digital Corporation
2013-08-04 14:46:13 ----D---- C:\Oblivion (2013) [1080p]
2013-07-13 12:58:22 ----D---- C:\Program Files\Common Files\Skype
2013-07-13 08:38:48 ----D---- C:\WINDOWS\system32\MRT

======List of files/folders modified in the last 1 months======

2013-08-08 11:47:05 ----D---- C:\WINDOWS\Temp
2013-08-08 11:47:04 ----RD---- C:\Program Files
2013-08-07 21:46:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-08-07 13:20:29 ----SHD---- C:\WINDOWS\Installer
2013-08-07 13:15:15 ----SD---- C:\WINDOWS\Tasks
2013-08-07 13:14:42 ----D---- C:\WINDOWS\system32\drivers
2013-08-07 13:14:30 ----D---- C:\WINDOWS\system32
2013-08-07 13:11:12 ----D---- C:\WINDOWS\WinSxS
2013-08-07 13:10:10 ----D---- C:\WINDOWS
2013-08-07 09:01:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-08-07 09:00:58 ----D---- C:\WINDOWS\Prefetch
2013-08-07 04:52:19 ----D---- C:\WINDOWS\system32\oodag
2013-08-07 04:40:00 ----D---- C:\WINDOWS\system32\config
2013-08-06 23:51:22 ----D---- C:\WINDOWS\system32\LogFiles
2013-08-06 23:45:41 ----D---- C:\Documents and Settings\Xerno\Data aplikací\BITS
2013-08-06 22:35:39 ----D---- C:\Program Files\Mozilla Firefox
2013-08-06 19:54:37 ----D---- C:\Documents and Settings\Xerno\Data aplikací\Winamp
2013-08-06 19:54:35 ----D---- C:\WINDOWS\Debug
2013-08-06 19:53:04 ----D---- C:\Program Files\CCleaner
2013-07-25 05:00:20 ----HD---- C:\P
2013-07-13 15:51:44 ----D---- C:\Documents and Settings\Xerno\Data aplikací\Skype
2013-07-13 12:58:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-07-13 12:58:23 ----RD---- C:\Program Files\Skype
2013-07-13 12:58:22 ----D---- C:\Program Files\Common Files
2013-07-11 20:08:07 ----RSD---- C:\WINDOWS\assembly
2013-07-11 20:08:07 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-11 19:36:17 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-10 22:57:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-10 22:55:33 ----HD---- C:\WINDOWS\inf
2013-07-10 22:52:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-07-10 22:19:34 ----D---- C:\WINDOWS\system32\XPSViewer
2013-07-10 18:34:08 ----D---- C:\WINDOWS\system32\CatRoot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-05-09 765736]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-05-09 368944]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-06-22 73728]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-03-09 2868736]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-03-23 539072]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-03-31 876384]
R3 Cam5607;Acer Crystal Eye webcam; C:\WINDOWS\System32\Drivers\BisonC07.sys [2007-05-03 767664]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2007-06-07 17408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-30 4424192]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-12-15 191936]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-04-17 255232]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys []
S3 agtnrcxr;agtnrcxr; C:\WINDOWS\system32\drivers\agtnrcxr.sys []
S3 aqobku0r;aqobku0r; C:\WINDOWS\system32\drivers\aqobku0r.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-03-23 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-03-23 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-03-23 67960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-10-25 25280]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys []
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [2006-06-09 6909]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB RS-232 Emulation Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-10-07 94992]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys []
S3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2010-01-17 196064]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager; C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe [2006-03-24 1294336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-03-09 520192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-10 170912]
R2 JobManagerService110;Ansys JobManager Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [2007-01-16 20480]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-11-03 1332480]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 ScriptHostService110;Ansys ScriptHost Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [2007-01-16 20480]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd); C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe [2005-10-27 962560]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-11-26 79360]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-28 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 820520]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-25 117144]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 08 srp 2013 16:58

Zdravím!
V PC vidím Avast a zároveň Spybot. Doporučil bych Spybot odinstalovat, může být v konflikte s antispywrem Avastu Jinak spusťte tuto utilitu:

Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte na Search (hledat)
Proběhne skenováni a pak se objeví log, který sem vložte.

Dedik · #3 Příspěvek od **Dedik** » 08 srp 2013 23:49

Tu je log z adwcleaner-u. Btw. Avast som stiahol len kvôli kontrole pred štartom, inak používam NOD a Spybot (alebo by ste mi odporučil inú kombináciu?)

# AdwCleaner v2.305 - Log vytvooen 09/08/2013 v 00:41:10
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Xerno - A02-0334A
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Xerno\Plocha\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Xerno\Data aplikací\Mozilla\Firefox\Profiles\b5jjvlja.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Soubor Nalezeno : C:\Documents and Settings\Xerno\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
Klíe Nalezeno : HKCU\Software\ilivid
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116BA71C-8187-4F15-9A1F-C9D6289155D1}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{116BA71C-8187-4F15-9A1F-C9D6289155D1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKU\S-1-5-21-436374069-1637723038-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v6.0.2900.5512

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Documents and Settings\Xerno\Data aplikací\Mozilla\Firefox\Profiles\b5jjvlja.default\prefs.js

Nalezeno : user_pref("browser.search.defaultenginename", "QIP Search");
Nalezeno : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");

*************************

AdwCleaner[R1].txt - [3812 octets] - [09/08/2013 00:39:54]
AdwCleaner[R2].txt - [3743 octets] - [09/08/2013 00:41:10]

########## EOF - C:\AdwCleaner[R2].txt - [3803 octets] ##########

#4 Příspěvek od **Rudy** » 09 srp 2013 17:21

Spusťte znovu ADWCleaner a klikněte na >Delete< (smazat). Vložte nový log.

Dedik · #5 Příspěvek od **Dedik** » 09 srp 2013 17:46

# AdwCleaner v2.305 - Log vytvooen 09/08/2013 v 18:24:09
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Xerno - A02-0334A
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Xerno\Plocha\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\Xerno\Data aplikací\Mozilla\Firefox\Profiles\b5jjvlja.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Soubor Vymazáno : C:\Documents and Settings\Xerno\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
Klíe Vymazáno : HKCU\Software\ilivid
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116BA71C-8187-4F15-9A1F-C9D6289155D1}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{116BA71C-8187-4F15-9A1F-C9D6289155D1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Klíe Vymazáno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v6.0.2900.5512

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Documents and Settings\Xerno\Data aplikací\Mozilla\Firefox\Profiles\b5jjvlja.default\prefs.js

Vymazáno : user_pref("browser.search.defaultenginename", "QIP Search");
Vymazáno : user_pref("keyword.URL", "hxxp://search.qip.ru/search?from=FF&query=");

*************************

AdwCleaner[R1].txt - [3812 octets] - [09/08/2013 00:39:54]
AdwCleaner[R2].txt - [3872 octets] - [09/08/2013 00:41:10]
AdwCleaner[S1].txt - [338 octets] - [09/08/2013 18:23:50]
AdwCleaner[S2].txt - [3890 octets] - [09/08/2013 18:24:09]

########## EOF - C:\AdwCleaner[S2].txt - [3950 octets] ##########

#6 Příspěvek od **Rudy** » 09 srp 2013 17:53

Dejte nový log RSIT.

Dedik · #7 Příspěvek od **Dedik** » 09 srp 2013 18:03

Logfile of random's system information tool 1.06 (written by random/random)
Run by Xerno at 2013-08-09 19:02:27
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 25 GB (32%) free of 76 GB
Total RAM: 1022 MB (59% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-10 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Documents and Settings\Xerno\Data aplikací\FlashGetBHO\FlashGetBHO.dll [2012-01-06 149128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-10 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-15 761945]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-07 850704]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-28 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2013-05-08 44128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe [2012-03-15 3090056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-04-14 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2013-04-19 1631144]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Post-it® Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-03-09 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\KN_StrongDC\StrongDC.exe"="C:\Program Files\KN_StrongDC\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Disabled:Quiet Internet Pager"
"C:\Program Files\Maple 11\jre\bin\maple.exe"="C:\Program Files\Maple 11\jre\bin\maple.exe:*:Enabled:Maple 11"
"C:\Program Files\Maple 11\jre\bin\java.exe"="C:\Program Files\Maple 11\jre\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\MATLAB\R2007a\bin\win32\MATLAB.exe"="C:\Program Files\MATLAB\R2007a\bin\win32\MATLAB.exe:*:Enabled:MATLAB"
"C:\Program Files\Maple 12\jre\bin\maple.exe"="C:\Program Files\Maple 12\jre\bin\maple.exe:*:Enabled:Maple 12"
"C:\Program Files\Maple 12\jre\bin\java.exe"="C:\Program Files\Maple 12\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe"="C:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe:*:Enabled:Mobile Connect"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"D:\Games\Warcraft III\War3.exe"="D:\Games\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\orbixd.exe"="C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\orbixd.exe:*:Enabled:orbixd"
"C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\CNEXT.exe"="C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\CNEXT.exe:*:Enabled:CATIA"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\UGS\NX 4.0\UGII\ugraf.exe"="C:\Program Files\UGS\NX 4.0\UGII\ugraf.exe:*:Enabled:NX Component"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\terraria\TerrariaServer.exe"="C:\Program Files\Steam\steamapps\common\terraria\TerrariaServer.exe:*:Enabled:Terraria"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\VideoLAN\VLC3\vlc.exe"="C:\Program Files\VideoLAN\VLC3\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00d73ffc-d3e4-11dd-ad1b-001c26b55d49}]
shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{35ec175a-708a-11de-ae7e-001c26b55d49}]
shell\AutoRun\command - H:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8caea1fa-b29a-11de-aefd-001c26b55d49}]
shell\AutoRun\command - H:\LaunchU3.exe -a

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2013-08-09 18:24:09 ----A---- C:\AdwCleaner[S2].txt
2013-08-09 18:23:50 ----A---- C:\AdwCleaner[S1].txt
2013-08-09 00:41:10 ----A---- C:\AdwCleaner[R2].txt
2013-08-09 00:39:54 ----A---- C:\AdwCleaner[R1].txt
2013-08-08 11:47:04 ----D---- C:\Program Files\trend micro
2013-08-08 11:47:01 ----D---- C:\rsit
2013-08-07 13:15:01 ----D---- C:\Program Files\Google
2013-08-07 13:14:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-08-07 13:05:55 ----D---- C:\Program Files\AVAST Software
2013-08-07 13:05:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-08-07 10:03:01 ----D---- C:\Program Files\Western Digital Corporation
2013-08-04 14:46:13 ----D---- C:\Oblivion (2013) [1080p]
2013-07-13 12:58:22 ----D---- C:\Program Files\Common Files\Skype
2013-07-13 08:38:48 ----D---- C:\WINDOWS\system32\MRT

======List of files/folders modified in the last 1 months======

2013-08-09 19:02:41 ----D---- C:\WINDOWS\Temp
2013-08-09 18:33:01 ----D---- C:\WINDOWS\Prefetch
2013-08-09 18:26:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-08-08 12:25:33 ----SHD---- C:\WINDOWS\Installer
2013-08-08 12:20:42 ----RD---- C:\Program Files
2013-08-08 11:59:41 ----D---- C:\WINDOWS\system32\drivers
2013-08-07 13:15:15 ----SD---- C:\WINDOWS\Tasks
2013-08-07 13:14:30 ----D---- C:\WINDOWS\system32
2013-08-07 13:11:12 ----D---- C:\WINDOWS\WinSxS
2013-08-07 13:10:10 ----D---- C:\WINDOWS
2013-08-07 09:01:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-08-07 04:52:19 ----D---- C:\WINDOWS\system32\oodag
2013-08-07 04:40:00 ----D---- C:\WINDOWS\system32\config
2013-08-06 23:51:22 ----D---- C:\WINDOWS\system32\LogFiles
2013-08-06 23:45:41 ----D---- C:\Documents and Settings\Xerno\Data aplikací\BITS
2013-08-06 22:35:39 ----D---- C:\Program Files\Mozilla Firefox
2013-08-06 19:54:37 ----D---- C:\Documents and Settings\Xerno\Data aplikací\Winamp
2013-08-06 19:54:35 ----D---- C:\WINDOWS\Debug
2013-08-06 19:53:04 ----D---- C:\Program Files\CCleaner
2013-07-25 05:00:20 ----HD---- C:\P
2013-07-13 15:51:44 ----D---- C:\Documents and Settings\Xerno\Data aplikací\Skype
2013-07-13 12:58:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-07-13 12:58:23 ----RD---- C:\Program Files\Skype
2013-07-13 12:58:22 ----D---- C:\Program Files\Common Files
2013-07-11 20:08:07 ----RSD---- C:\WINDOWS\assembly
2013-07-11 20:08:07 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-11 19:36:17 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-10 22:57:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-10 22:55:33 ----HD---- C:\WINDOWS\inf
2013-07-10 22:52:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-07-10 22:19:34 ----D---- C:\WINDOWS\system32\XPSViewer
2013-07-10 18:34:08 ----D---- C:\WINDOWS\system32\CatRoot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-08 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-08 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-06-22 73728]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-03-09 2868736]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-03-23 539072]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-03-31 876384]
R3 Cam5607;Acer Crystal Eye webcam; C:\WINDOWS\System32\Drivers\BisonC07.sys [2007-05-03 767664]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2007-06-07 17408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-30 4424192]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-12-15 191936]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-04-17 255232]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys []
S3 a455klmx;a455klmx; C:\WINDOWS\system32\drivers\a455klmx.sys []
S3 aeycxt15;aeycxt15; C:\WINDOWS\system32\drivers\aeycxt15.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-03-23 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-03-23 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-03-23 67960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-10-25 25280]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys []
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [2006-06-09 6909]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB RS-232 Emulation Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-10-07 94992]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys []
S3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2010-01-17 196064]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager; C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe [2006-03-24 1294336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-03-09 520192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-10 170912]
R2 JobManagerService110;Ansys JobManager Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [2007-01-16 20480]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-11-03 1332480]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd); C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe [2005-10-27 962560]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S2 ScriptHostService110;Ansys ScriptHost Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [2007-01-16 20480]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-11-26 79360]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-28 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 820520]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-25 117144]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 09 srp 2013 18:43

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
H:\LaunchU3.exe
H:\AutoRun.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00d73ffc-d3e4-11dd-ad1b-001c26b55d49}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{35ec175a-708a-11de-ae7e-001c26b55d49}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8caea1fa-b29a-11de-aefd-001c26b55d49}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Dedik · #9 Příspěvek od **Dedik** » 10 srp 2013 00:05

Logfile of random's system information tool 1.06 (written by random/random)
Run by Xerno at 2013-08-10 01:02:28
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 25 GB (33%) free of 76 GB
Total RAM: 1022 MB (19% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-10 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Documents and Settings\Xerno\Data aplikací\FlashGetBHO\FlashGetBHO.dll [2012-01-06 149128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-10 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-15 761945]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-07 850704]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-28 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
""= []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2013-05-08 44128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe [2012-03-15 3090056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-04-14 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2013-04-19 1631144]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Post-it® Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-03-09 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\KN_StrongDC\StrongDC.exe"="C:\Program Files\KN_StrongDC\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Disabled:Quiet Internet Pager"
"C:\Program Files\Maple 11\jre\bin\maple.exe"="C:\Program Files\Maple 11\jre\bin\maple.exe:*:Enabled:Maple 11"
"C:\Program Files\Maple 11\jre\bin\java.exe"="C:\Program Files\Maple 11\jre\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\MATLAB\R2007a\bin\win32\MATLAB.exe"="C:\Program Files\MATLAB\R2007a\bin\win32\MATLAB.exe:*:Enabled:MATLAB"
"C:\Program Files\Maple 12\jre\bin\maple.exe"="C:\Program Files\Maple 12\jre\bin\maple.exe:*:Enabled:Maple 12"
"C:\Program Files\Maple 12\jre\bin\java.exe"="C:\Program Files\Maple 12\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe"="C:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe:*:Enabled:Mobile Connect"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\FlashGet\FlashGet.exe"="C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget"
"D:\Games\Warcraft III\War3.exe"="D:\Games\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\orbixd.exe"="C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\orbixd.exe:*:Enabled:orbixd"
"C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\CNEXT.exe"="C:\Program Files\Dassault Systemes\B19\intel_a\code\bin\CNEXT.exe:*:Enabled:CATIA"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\UGS\NX 4.0\UGII\ugraf.exe"="C:\Program Files\UGS\NX 4.0\UGII\ugraf.exe:*:Enabled:NX Component"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\terraria\TerrariaServer.exe"="C:\Program Files\Steam\steamapps\common\terraria\TerrariaServer.exe:*:Enabled:Terraria"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\VideoLAN\VLC3\vlc.exe"="C:\Program Files\VideoLAN\VLC3\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CommonFiles\intel\AnsysWBU.exe:*:Enabled:AnsysWBU.exe"
"C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe"="C:\Program Files\ANSYS Inc\v110\ANSYS\bin\intel\ANSYS.exe:*:Enabled:ANSYS.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ActivePIMgrU.exe:*:Enabled:ActivePIMgrU.exe"
"C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe"="C:\Program Files\ANSYS Inc\v110\AISOL\CAD Integration\intel\ReaderHostU.exe:*:Enabled:ReaderHostU.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\tclsh.exe:*:Enabled:AWP tclsh.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\TCL\bin\intel\wish.exe:*:Enabled:AWP wish.exe"
"C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe"="C:\Program Files\ANSYS Inc\v110\CommonFiles\CATIAV5\intel\code\bin\ReaderHostCAT5U.exe:*:Enabled:ReaderHostCAT5U.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe:*:Enabled:JobManagerService.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMAdmin.exe:*:Enabled:JMAdmin.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\JMPassword.exe:*:Enabled:JMPassword.exe"
"C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe"="C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe:*:Enabled:ScriptHostService.exe"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2013-08-10 00:35:05 ----D---- C:\_OTM
2013-08-09 18:24:09 ----A---- C:\AdwCleaner[S2].txt
2013-08-09 18:23:50 ----A---- C:\AdwCleaner[S1].txt
2013-08-09 00:41:10 ----A---- C:\AdwCleaner[R2].txt
2013-08-09 00:39:54 ----A---- C:\AdwCleaner[R1].txt
2013-08-08 11:47:04 ----D---- C:\Program Files\trend micro
2013-08-08 11:47:01 ----D---- C:\rsit
2013-08-07 13:15:01 ----D---- C:\Program Files\Google
2013-08-07 13:14:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-08-07 13:05:55 ----D---- C:\Program Files\AVAST Software
2013-08-07 13:05:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-08-07 10:03:01 ----D---- C:\Program Files\Western Digital Corporation
2013-08-04 14:46:13 ----D---- C:\Oblivion (2013) [1080p]
2013-07-13 12:58:22 ----D---- C:\Program Files\Common Files\Skype
2013-07-13 08:38:48 ----D---- C:\WINDOWS\system32\MRT

======List of files/folders modified in the last 1 months======

2013-08-10 01:03:11 ----D---- C:\WINDOWS\Temp
2013-08-10 00:45:37 ----D---- C:\WINDOWS\Prefetch
2013-08-10 00:37:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-08-10 00:36:32 ----D---- C:\WINDOWS\system32
2013-08-10 00:35:22 ----SD---- C:\WINDOWS\Tasks
2013-08-08 12:25:33 ----SHD---- C:\WINDOWS\Installer
2013-08-08 12:20:42 ----RD---- C:\Program Files
2013-08-08 11:59:41 ----D---- C:\WINDOWS\system32\drivers
2013-08-07 13:11:12 ----D---- C:\WINDOWS\WinSxS
2013-08-07 13:10:10 ----D---- C:\WINDOWS
2013-08-07 09:01:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-08-07 04:52:19 ----D---- C:\WINDOWS\system32\oodag
2013-08-07 04:40:00 ----D---- C:\WINDOWS\system32\config
2013-08-06 23:51:22 ----D---- C:\WINDOWS\system32\LogFiles
2013-08-06 23:45:41 ----D---- C:\Documents and Settings\Xerno\Data aplikací\BITS
2013-08-06 22:35:39 ----D---- C:\Program Files\Mozilla Firefox
2013-08-06 19:54:37 ----D---- C:\Documents and Settings\Xerno\Data aplikací\Winamp
2013-08-06 19:54:35 ----D---- C:\WINDOWS\Debug
2013-08-06 19:53:04 ----D---- C:\Program Files\CCleaner
2013-07-25 05:00:20 ----HD---- C:\P
2013-07-13 15:51:44 ----D---- C:\Documents and Settings\Xerno\Data aplikací\Skype
2013-07-13 12:58:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-07-13 12:58:23 ----RD---- C:\Program Files\Skype
2013-07-13 12:58:22 ----D---- C:\Program Files\Common Files
2013-07-11 20:08:07 ----RSD---- C:\WINDOWS\assembly
2013-07-11 20:08:07 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-11 19:36:17 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-08 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-08 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 LUMDriver;LUMDriver; \??\C:\WINDOWS\system32\drivers\LUMDriver.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2001-06-22 73728]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-03-09 2868736]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-03-23 539072]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-03-31 876384]
R3 Cam5607;Acer Crystal Eye webcam; C:\WINDOWS\System32\Drivers\BisonC07.sys [2007-05-03 767664]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2007-06-07 17408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-30 4424192]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-12-15 191936]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-04-17 255232]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys []
S3 a1pdkq8x;a1pdkq8x; C:\WINDOWS\system32\drivers\a1pdkq8x.sys []
S3 aush3735;aush3735; C:\WINDOWS\system32\drivers\aush3735.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-03-23 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-03-23 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-03-23 67960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2011-03-18 61704]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-10-25 25280]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys []
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [2006-06-09 6909]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB RS-232 Emulation Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-10-07 94992]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys []
S3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2010-01-17 196064]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager; C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe [2006-03-24 1294336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-03-09 520192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-10 170912]
R2 JobManagerService110;Ansys JobManager Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [2007-01-16 20480]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-11-03 1332480]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 ScriptHostService110;Ansys ScriptHost Service V11; C:\Program Files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [2007-01-16 20480]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd); C:\Program Files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe [2005-10-27 962560]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-11-26 79360]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-28 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-07 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 820520]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-25 117144]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#10 Příspěvek od **Rudy** » 10 srp 2013 09:54

Log je již OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?

Dedik · #11 Příspěvek od **Dedik** » 10 srp 2013 11:56

Ani po reštarte žiadna zmena

#12 Příspěvek od **Rudy** » 10 srp 2013 12:25

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

Dedik · #13 Příspěvek od **Dedik** » 10 srp 2013 22:12

Tu je log z Combofix. Dokopy aj s konzolou obnovy to trvalo asi hodinu. Comp sa nereštartoval ani raz.

ComboFix 13-08-09.02 - Xerno 10.08.2013 22:14:42.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.507 [GMT 2:00]
Spuštěný z: c:\documents and settings\Xerno\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\QMDispatch.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\WinIo.sys
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-10 do 2013-08-10 )))))))))))))))))))))))))))))))
.
.
2013-08-08 09:47 . 2013-08-09 23:53 -------- d-----w- c:\program files\trend micro
2013-08-07 11:15 . 2013-08-07 11:15 -------- d-----w- c:\program files\Google
2013-08-07 11:14 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 11:05 . 2013-08-07 11:05 -------- d-----w- c:\program files\AVAST Software
2013-08-07 11:05 . 2013-08-10 10:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-08-07 08:03 . 2013-08-07 08:03 -------- d-----w- c:\program files\Western Digital Corporation
2013-08-04 12:46 . 2013-08-04 14:48 -------- d-----w- C:\Oblivion (2013) [1080p]
2013-07-13 10:58 . 2013-07-13 10:58 -------- d-----w- c:\program files\Common Files\Skype
2013-07-13 06:38 . 2013-07-13 06:50 -------- d-----w- c:\windows\system32\MRT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 16:10 . 2012-04-10 16:22 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 16:10 . 2011-05-20 16:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-05 09:08 . 2006-03-02 12:00 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:23 . 2006-03-02 12:00 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-29 07:43 . 2006-03-02 12:00 669696 ----a-w- c:\windows\system32\wininet.dll
2013-05-29 07:43 . 2006-03-02 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-05-29 07:43 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2013-05-29 07:40 . 2006-03-02 12:00 370176 ----a-w- c:\windows\system32\html.iec
2008-07-25 08:31 . 2013-06-25 16:05 28672 ----a-w- c:\program files\mozilla firefox\components\flashgetXpi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-15 761945]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-07 850704]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-27 16132608]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
Post-it® Software Notes Lite.lnk - c:\program files\3M\PSNLite\PsnLite.exe -RegRun [2004-10-15 2080768]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2013-05-08 01:17 642664 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2013-05-08 12:14 44128 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
2012-03-15 02:05 3090056 ----a-w- c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-14 09:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-04-19 21:10 1631144 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" silent
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"FlashGet 3"="c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe" -minimize
"NokiaSuite.exe"=c:\program files\Nokia\Nokia Suite\NokiaSuite.exe -tray
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"SolidWorks_CheckForUpdates"="c:\program files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\KN_StrongDC\\StrongDC.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\AISOL\\CommonFiles\\intel\\AnsysWBU.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\ANSYS\\bin\\intel\\ANSYS.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\AISOL\\CAD Integration\\intel\\ActivePIMgrU.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\AISOL\\CAD Integration\\intel\\ReaderHostU.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\CommonFiles\\TCL\\bin\\intel\\tclsh.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\CommonFiles\\TCL\\bin\\intel\\wish.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\RSM\\bin\\JobManagerService.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\RSM\\bin\\JMAdmin.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\RSM\\bin\\JMPassword.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\RSM\\bin\\ScriptHostService.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\MATLAB\\R2007a\\bin\\win32\\MATLAB.exe"=
"c:\\Program Files\\Maple 12\\jre\\bin\\maple.exe"=
"c:\\Program Files\\Maple 12\\jre\\bin\\java.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Dassault Systemes\\B19\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B19\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\UGS\\NX 4.0\\UGII\\ugraf.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\terraria\\TerrariaServer.exe"=
"c:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
"c:\\Program Files\\VideoLAN\\VLC3\\vlc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [18.11.2008 21:42 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [18.11.2008 21:42 35712]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.11.2008 23:25 717296]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [1.7.2008 10:04 35168]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [24.4.2007 17:52 16688]
R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager;c:\progra~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe [27.11.2008 13:28 1294336]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [1.7.2008 10:02 472280]
R2 JobManagerService110;Ansys JobManager Service V11;c:\program files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [16.1.2007 16:20 20480]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
R2 ScriptHostService110;Ansys ScriptHost Service V11;c:\program files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [16.1.2007 16:20 20480]
R2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd);c:\program files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe [27.10.2005 21:34 962560]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7.8.2013 13:15 116648]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [21.6.2013 9:53 162408]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7.8.2013 13:15 116648]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [16.10.2009 14:06 94992]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-08-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 16:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.fme.vutbr.cz/
uDefault_Search_URL = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://192.168.0.1/
uSearchAssistant = hxxp://www.google.com
IE: Download all links by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
IE: Download by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 85.237.225.250 192.168.0.1
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Xerno\Data aplikací\Mozilla\Firefox\Profiles\b5jjvlja.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.fme.vutbr.cz/
FF - ExtSQL: !HIDDEN! 2009-09-02 01:38; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-QipGuard - c:\documents and settings\Xerno\Data aplikací\QipGuard\QipGuard.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-10 22:38
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="4B66AB29DF2C4001D0D982F47B2533530426305EDF9BABEC76CC9D729B66B6EDD8FAF5832E09A6C34BA5FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB34529DB7CE019D40AA5CBA7FD869164D6794BD138FEEBB957C8797BCC7177E8CF9FA2F0141920E9ACC7C088C56BF1289D41ADE7177469EE8FBDBD796F247B21A82D3C6694A57C1B15E827D69994B4EA92810AF020FD4915D1BCA66AE6F70BBE2A30201F82D9DB8A0FD26C7BC91F08FC4E2BB10C2ED6C4684C7A6EB29662F63ACACB66F1A48EEF680FB1382566CC530EA7669C28C34508E81B4F473038A1617D03254880E7BCAA17FED2A2D5BDC5731401B94EF8805B7640C5A72EF0A8D2866BC8BF124682BA101E12E00A7C49822B47AC970A2B20650E272738A35E0A661077056DC8190405A057B585D3B5F579A806640E1C9DEE23849137E63797E13AB5183F19240C2284F3F384DBD11CBD8A780E18181B9324A057BE2BE50DA2E92E9C29D82C7E68D524DE49533D236FDDDA4C461D29D29266D3D82EA3D5E598EE670FB7C6FE3DED53418D0A572809FBFABDE7DEBBF38B389835E0A45C14AD9125808C2706782F45346E37F103A5FA12E8D1B829B95065A7CC7D7E024DE8625FE34EEFD60D6F15B91055C148DF8BBF7394F114F22E5F07D76798E7CCCE5BB6570C7D43CC4753825F0711ED3ECE496402642E804400796E6BF595974156D422E566960AEABB9894F2410BB2911F7A4FC0DBEC3604E154840F63084036952A9F0F16E282835DED3B534683C21EFEECE945B9B354E38EA8B9A0DC64F89CB3334085BB23B2416E637197B88186F924930D151B842567CAD9A67C9ECEF0B50F1D8AEFB17993D9995859EAA81BEE799CE1AE205F467A92F41E180C4758CB19DB7C086947F39369CF146D0C4669006350790D9DDB9141AF5D18320ECB5C146716DCC13355182730F49B51C2351E466ACBFCC2E996D291E0DCB55E4830A9F3B1B448D3DC67A527DF62BC3D3EF5E06CB5A893BB847FE00CF44E15F531F4FAA22FE2EC9D082697A01EDEB922BACAD301B2B39FBB9CDDFE1F07E0BE15229E8593517E2FB7E79923F4FA0A3FABC2BE3176024E9645164078FE132014BAD5EBE1A4FEC5ED3DA8B6DD95D51AE0805932ADF47D8F67C8819EBBAAA6C414314513ACA70235DB2DDF1F476C3D32C7966E22E2623F48180C64B8D8AF5CA8EA219684940BB6C65B06436A8383F92034226E79EF5E736EF615DB1EC1A9301EF76B4DCDF4279923C95AEB70D32B18AD70B6CC731D1B16EE9C37DD290797457AC02C1BCF40E96F06DE1E1292AEE9E4D192E48F71EB0BD06DEFE3D0D022A302856B8016802D122F648C884108AE93000F63B2AC5A2FAEEF47CA017114EA302E1BCC5939885B3D02A"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(892)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2013-08-10 22:47:34
ComboFix-quarantined-files.txt 2013-08-10 20:47
.
Před spuštěním: Volných bajtů: 26 296 975 360
Po spuštění: Volných bajtů: 26 402 398 208
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 6018894B4C6773809EA32D35B3D8A3D1
413FC2A0C716421B3158746D63736515

#14 Příspěvek od **Rudy** » 11 srp 2013 10:31

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Regnull::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Dedik · #15 Příspěvek od **Dedik** » 11 srp 2013 21:37

ComboFix 13-08-09.02 - Xerno 11.08.2013 21:27:57.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.348 [GMT 2:00]
Spuštěný z: c:\documents and settings\Xerno\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Xerno\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Xerno\WINDOWS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-11 do 2013-08-11 )))))))))))))))))))))))))))))))
.
.
2013-08-08 09:47 . 2013-08-09 23:53 -------- d-----w- c:\program files\trend micro
2013-08-07 11:15 . 2013-08-07 11:15 -------- d-----w- c:\program files\Google
2013-08-07 11:14 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 11:05 . 2013-08-10 10:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-08-07 08:03 . 2013-08-07 08:03 -------- d-----w- c:\program files\Western Digital Corporation
2013-08-04 12:46 . 2013-08-04 14:48 -------- d-----w- C:\Oblivion (2013) [1080p]
2013-07-13 10:58 . 2013-07-13 10:58 -------- d-----w- c:\program files\Common Files\Skype
2013-07-13 06:38 . 2013-07-13 06:50 -------- d-----w- c:\windows\system32\MRT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 16:10 . 2012-04-10 16:22 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 16:10 . 2011-05-20 16:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-05 09:08 . 2006-03-02 12:00 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:23 . 2006-03-02 12:00 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-29 07:43 . 2006-03-02 12:00 669696 ----a-w- c:\windows\system32\wininet.dll
2013-05-29 07:43 . 2006-03-02 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-05-29 07:43 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2013-05-29 07:40 . 2006-03-02 12:00 370176 ----a-w- c:\windows\system32\html.iec
2008-07-25 08:31 . 2013-06-25 16:05 28672 ----a-w- c:\program files\mozilla firefox\components\flashgetXpi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-15 761945]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-07 850704]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-27 16132608]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
Post-it® Software Notes Lite.lnk - c:\program files\3M\PSNLite\PsnLite.exe -RegRun [2004-10-15 2080768]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2013-05-08 01:17 642664 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2013-05-08 12:14 44128 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
2012-03-15 02:05 3090056 ----a-w- c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-14 09:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-04-19 21:10 1631144 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" silent
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"FlashGet 3"="c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe" -minimize
"NokiaSuite.exe"=c:\program files\Nokia\Nokia Suite\NokiaSuite.exe -tray
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"SolidWorks_CheckForUpdates"="c:\program files\Common Files\Manažer instalací SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\KN_StrongDC\\StrongDC.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\AISOL\\CommonFiles\\intel\\AnsysWBU.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\ANSYS\\bin\\intel\\ANSYS.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\AISOL\\CAD Integration\\intel\\ActivePIMgrU.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\AISOL\\CAD Integration\\intel\\ReaderHostU.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\CommonFiles\\TCL\\bin\\intel\\tclsh.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\CommonFiles\\TCL\\bin\\intel\\wish.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\RSM\\bin\\JobManagerService.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\RSM\\bin\\JMAdmin.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\RSM\\bin\\JMPassword.exe"=
"c:\\Program Files\\ANSYS Inc\\v110\\RSM\\bin\\ScriptHostService.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\MATLAB\\R2007a\\bin\\win32\\MATLAB.exe"=
"c:\\Program Files\\Maple 12\\jre\\bin\\maple.exe"=
"c:\\Program Files\\Maple 12\\jre\\bin\\java.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Dassault Systemes\\B19\\intel_a\\code\\bin\\orbixd.exe"=
"c:\\Program Files\\Dassault Systemes\\B19\\intel_a\\code\\bin\\CNEXT.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\UGS\\NX 4.0\\UGII\\ugraf.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\terraria\\TerrariaServer.exe"=
"c:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
"c:\\Program Files\\VideoLAN\\VLC3\\vlc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [18.11.2008 21:42 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [18.11.2008 21:42 35712]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.11.2008 23:25 717296]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [1.7.2008 10:04 35168]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [24.4.2007 17:52 16688]
R2 ANSYS FLEXlm license manager;ANSYS FLEXlm license manager;c:\progra~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe [27.11.2008 13:28 1294336]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [1.7.2008 10:02 472280]
R2 JobManagerService110;Ansys JobManager Service V11;c:\program files\ANSYS Inc\v110\RSM\bin\JobManagerService.exe [16.1.2007 16:20 20480]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
R2 ScriptHostService110;Ansys ScriptHost Service V11;c:\program files\ANSYS Inc\v110\RSM\bin\ScriptHostService.exe [16.1.2007 16:20 20480]
R2 Unigraphics License Server (uglmd);Unigraphics License Server (uglmd);c:\program files\UGS\License Servers\UGNXFLEXlm\lmgrd.exe [27.10.2005 21:34 962560]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7.8.2013 13:15 116648]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [21.6.2013 9:53 162408]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7.8.2013 13:15 116648]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [16.10.2009 14:06 94992]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-08-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 16:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.fme.vutbr.cz/
uDefault_Search_URL = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = hxxp://192.168.0.1/
uSearchAssistant = hxxp://www.google.com
IE: Download all links by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
IE: Download by FlashGet3 - c:\program files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.0.1
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Xerno\Data aplikací\Mozilla\Firefox\Profiles\b5jjvlja.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.fme.vutbr.cz/
FF - ExtSQL: !HIDDEN! 2009-09-02 01:38; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-11 21:58
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(896)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(6780)
c:\windows\system32\btmmhook.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\progra~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\ansyslmd.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
c:\windows\system32\oodag.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\UGS\NX 4.0\UGFLEXLM\uglmd.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\3M\PSNLite\PsnLite.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\progra~1\3M\PSNLite\PSNGive.exe
c:\docume~1\Xerno\LOCALS~1\Temp\RtkBtMnt.exe
.
**************************************************************************
.
Celkový čas: 2013-08-11 22:15:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-11 20:15
ComboFix2.txt 2013-08-10 20:47
.
Před spuštěním: Volných bajtů: 28 509 130 752
Po spuštění: Volných bajtů: 28 498 841 600
.
- - End Of File - - 437888B52911E0ABF7D29065E5F4D1F8
413FC2A0C716421B3158746D63736515

VIRY.CZ

Spomalený Notebook

Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook

Re: Spomalený Notebook