
I would like to ask for a preventive check

Posted: 10 Sep 2013 11:37
by Jozefko
Please do a preventive check, as my PC seems very slowed down lately.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jozef at 2013-09-10 12:35:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (14%) free of 24 GB
Total RAM: 895 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:35:40, on 10.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\Explorer.EXE
C:\WINXP\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINXP\RTHDCPL.EXE
C:\WINXP\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINXP\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINXP\system32\wuauclt.exe
E:\download\RSIT.exe
C:\Program Files\trend micro\Jozef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thebestgamesonlinefree.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jozef\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2675644421
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINXP\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINXP\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINXP\system32\Ati2evxx.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6839 bytes

======Scheduled tasks folder======

C:\WINXP\tasks\Adobe Flash Player Updater.job
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-616249376-1606980848-1003Core.job
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-616249376-1606980848-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default

prefs.js - "browser.startup.homepage" - "about:home"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\WINXP\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\extensions\
4fc07f965c6d2@4fc07f965c70e.info

C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\searchplugins\
ask-search.xml
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2011-12-23 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2011-12-23 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2006-03-09 344064]
"SkyTel"=C:\WINXP\SkyTel.EXE [2006-05-17 2879488]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-08-20 347192]
"RTHDCPL"=C:\WINXP\RTHDCPL.EXE [2006-05-04 16206848]
"Alcmtr"=C:\WINXP\ALCMTR.EXE [2005-05-03 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"ctfmon.exe"=C:\WINXP\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Jozef\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-09 136176]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Jozef\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-09 136176]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINXP\system32\Ati2evxx.dll [2006-03-09 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINXP\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINXP\system32\wpdshserviceobj.dll [2010-09-16 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Program Files\TornTV.com\TornTV Downloader.exe"="C:\Program Files\TornTV.com\TornTV Downloader.exe:*:Disabled:TorntvDownloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINXP\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINXP\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-09-10 12:35:30 ----D---- C:\rsit
2013-08-28 21:07:51 ----HDC---- C:\WINXP\$NtUninstallKB2834904-v2_WM11$
2013-08-26 14:36:41 ----A---- C:\WINXP\system32\FNTCACHE.DAT
2013-08-18 21:16:35 ----D---- C:\Program Files\MSXML 4.0
2013-08-17 11:11:30 ----D---- C:\Program Files\Mozilla Firefox
2013-08-17 11:08:22 ----D---- C:\Documents and Settings\Jozef\Application Data\PC Suite
2013-08-17 11:08:15 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2013-08-17 11:04:50 ----D---- C:\Program Files\Common Files\Nokia
2013-08-17 11:04:50 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia
2013-08-17 11:03:31 ----A---- C:\WINXP\system32\drivers\pccsmcfd.sys
2013-08-17 11:03:21 ----D---- C:\Program Files\PC Connectivity Solution
2013-08-17 11:03:00 ----A---- C:\WINXP\system32\nmwcdcls.dll
2013-08-17 11:01:50 ----D---- C:\Program Files\Nokia
2013-08-17 11:01:50 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
2013-08-16 19:16:02 ----D---- C:\WINXP\Elf Bowling Holiday Pack
2013-08-16 19:16:01 ----D---- C:\Program Files\Elf Bowling Holiday Pack
2013-08-16 17:14:26 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2013-08-16 17:13:56 ----D---- C:\WINXP\Elf Bowling - Hawaiian Vacation
2013-08-16 17:13:56 ----D---- C:\Program Files\Elf Bowling - Hawaiian Vacation
2013-08-15 16:20:18 ----D---- C:\Documents and Settings\All Users\Application Data\APN
2013-08-15 16:18:54 ----D---- C:\Program Files\TornTV.com

======List of files/folders modified in the last 1 month======

2013-09-10 12:35:39 ----D---- C:\WINXP\Temp
2013-09-10 12:35:37 ----D---- C:\WINXP\Prefetch
2013-09-10 12:35:36 ----D---- C:\Program Files\trend micro
2013-09-10 12:28:31 ----D---- C:\WINXP\system32\CatRoot2
2013-09-10 12:28:22 ----D---- C:\WINXP\system32
2013-09-08 21:05:56 ----A---- C:\WINXP\SchedLgU.Txt
2013-09-01 12:08:21 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2013-08-29 07:00:40 ----D---- C:\WINXP
2013-08-28 21:08:01 ----HD---- C:\WINXP\inf
2013-08-28 19:58:31 ----D---- C:\Documents and Settings\Jozef\Application Data\VSO
2013-08-28 07:50:56 ----SHD---- C:\WINXP\Installer
2013-08-28 07:50:47 ----SHD---- C:\Config.Msi
2013-08-28 07:50:44 ----RD---- C:\Program Files
2013-08-28 07:50:37 ----SD---- C:\WINXP\Tasks
2013-08-27 18:21:42 ----D---- C:\Documents and Settings\Jozef\Application Data\vlc
2013-08-26 09:09:19 ----A---- C:\WINXP\system32\FlashPlayerApp.exe
2013-08-18 21:16:43 ----D---- C:\WINXP\WinSxS
2013-08-18 10:44:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-08-17 13:23:31 ----D---- C:\Documents and Settings\Jozef\Application Data\uTorrent
2013-08-17 13:23:03 ----D---- C:\WINXP\Debug
2013-08-17 13:22:44 ----D---- C:\Program Files\CCleaner
2013-08-17 11:22:00 ----A---- C:\WINXP\ModemLog_Standard 33600 bps Modem.txt
2013-08-17 11:04:50 ----D---- C:\Program Files\Common Files
2013-08-17 11:03:31 ----DC---- C:\WINXP\system32\DRVSTORE
2013-08-17 11:03:31 ----D---- C:\WINXP\system32\drivers
2013-08-16 17:15:02 ----D---- C:\WINXP\system32\NtmsData
2013-08-16 17:06:48 ----D---- C:\WINXP\Registration
2013-08-15 18:29:55 ----D---- C:\WINXP\Microsoft.NET
2013-08-15 18:29:51 ----RSD---- C:\WINXP\assembly
2013-08-15 18:21:06 ----A---- C:\WINXP\system32\PerfStringBackup.INI
2013-08-15 16:38:27 ----RSHDC---- C:\WINXP\system32\dllcache
2013-08-15 16:38:24 ----D---- C:\Program Files\Internet Explorer
2013-08-15 16:38:10 ----D---- C:\WINXP\ie8updates
2013-08-15 16:37:58 ----D---- C:\WINXP\system32\MRT
2013-08-15 16:35:27 ----A---- C:\WINXP\system32\MRT.exe
2013-08-15 16:35:17 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINXP\system32\DRIVERS\amdide.sys [2009-07-07 11832]
R0 mv61xxmm;mv61xxmm; C:\WINXP\system32\drivers\mv61xxmm.sys [2010-12-18 5632]
R0 mv64xxmm;mv64xxmm; C:\WINXP\system32\drivers\mv64xxmm.sys [2010-12-18 5632]
R0 mvxxmm;mvxxmm; C:\WINXP\system32\drivers\mvxxmm.sys [2010-12-18 5632]
R0 rimsptsk;rimsptsk; C:\WINXP\system32\DRIVERS\rimsptsk.sys [2004-12-07 51328]
R0 risdptsk;risdptsk; C:\WINXP\system32\DRIVERS\risdptsk.sys [2005-04-19 27136]
R1 avipbb;avipbb; C:\WINXP\system32\DRIVERS\avipbb.sys [2013-08-20 136672]
R1 avkmgr;avkmgr; C:\WINXP\system32\DRIVERS\avkmgr.sys [2013-06-29 37352]
R1 intelppm;Intel Processor Driver; C:\WINXP\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 ssmdrv;ssmdrv; C:\WINXP\system32\DRIVERS\ssmdrv.sys [2013-06-29 28520]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINXP\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 avgntflt;avgntflt; C:\WINXP\system32\DRIVERS\avgntflt.sys [2013-09-07 88840]
R2 irda;IrDA Protocol; C:\WINXP\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 ati2mtag;ati2mtag; C:\WINXP\system32\DRIVERS\ati2mtag.sys [2006-03-09 1506816]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINXP\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINXP\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINXP\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINXP\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Mouse HID Driver; C:\WINXP\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINXP\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]
R3 Rasirda;WAN Miniport (IrDA); C:\WINXP\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINXP\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINXP\System32\Drivers\SynMini.sys [2006-07-03 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINXP\System32\Drivers\SynScan.sys [2006-06-30 8064]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINXP\system32\DRIVERS\tosporte.sys [2005-11-24 47104]
S3 Ambfilt;Ambfilt; C:\WINXP\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINXP\system32\ASNDIS5.SYS []
S3 BCM43XX;ASUS 802.11 ovládač sieťového adaptéru; C:\WINXP\system32\DRIVERS\bcmwl5.sys [2005-02-12 371712]
S3 CCDECODE;Closed Caption Decoder; C:\WINXP\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Monfilt;Monfilt; C:\WINXP\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINXP\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINXP\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINXP\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINXP\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINXP\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 sdbus;sdbus; C:\WINXP\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINXP\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINXP\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINXP\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINXP\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINXP\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINXP\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINXP\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINXP\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINXP\System32\Drivers\tosrfusb.sys [2006-02-24 40192]
S3 usbscan;USB Scanner Driver; C:\WINXP\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINXP\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINXP\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINXP\system32\DRIVERS\WudfPf.sys [2010-09-16 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINXP\system32\DRIVERS\wudfrd.sys [2010-09-16 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-08-20 108088]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-08-20 84024]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINXP\system32\Ati2evxx.exe [2006-03-09 405504]
R2 Irmon;Infrared Monitor; C:\WINXP\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-26 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINXP\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-31 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINXP\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: I would like to ask for a preventive check

Posted: 10 Sep 2013 14:39
by cernohous13
Hello,

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Save it to the desktop and run it - the license terms will be displayed -> start by pressing any key.
A backup will be created and the scan will run.
A log will pop up (or it is saved in c:\JRT as JRT.txt) - copy it here

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it, preferably to the desktop -> close all programs -> run AdwCleaner -> click Search and, when it finishes, Clean
the repair will be carried out and the computer will restart (restart it yourself if necessary), and a log C:\AdwCleaner\AdwCleaner[S?].txt will appear; paste its contents here

:arrow: Download and install MBAM here http://www.malwarebytes.org/products/malwarebytes_free/
Run it -> on the 3rd tab "Update" -> Check for Updates
then on the 1st tab "Scanner" -> Perform quick scan -> Scan
when the scan finishes, a Notepad window will pop up with the result - copy its contents into your reply
do not delete anything yet - wait for an assessment

Re: I would like to ask for a preventive check

Posted: 11 Sep 2013 06:47
by Jozefko
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Microsoft Windows XP x86
Ran by Jozef on st 11.09.2013 at 7:34:09,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9DDDCFB5-A779-4756-9931-543AA2BD33D9}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\apn"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\trymedia"
Successfully deleted: [Folder] "C:\Documents and Settings\Jozef\Local Settings\Application Data\apn"
Successfully deleted: [Folder] "C:\Program Files\torntv.com"
Successfully deleted: [Folder] "C:\Documents and Settings\Jozef\start menu\programs\torntv.com"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Jozef\Application Data\mozilla\firefox\profiles\y1x7p1pd.default\extensions\trtv3@trtv.com.xpi
Successfully deleted: [File] C:\Documents and Settings\Jozef\Application Data\mozilla\firefox\profiles\y1x7p1pd.default\searchplugins\askcom.xml
Successfully deleted the following from C:\Documents and Settings\Jozef\Application Data\mozilla\firefox\profiles\y1x7p1pd.default\prefs.js

user_pref("extensions.4fc07f965c783.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 11.09.2013 at 7:46:40,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


ADWcleaner

# AdwCleaner v3.003 - Report created 11/09/2013 at 07:50:56
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jozef - NJ
# Running from : C:\Documents and Settings\Jozef\My Documents\Preberanie\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AlawarWrapper
Folder Deleted : C:\Program Files\1ClickDownload
Folder Deleted : C:\Program Files\Mail.Ru
Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\jetpack
File Deleted : C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\.autoreg
File Deleted : C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\searchplugins\ask-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\TornTV.com\TornTV Downloader.exe]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\Software\PIP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v23.0.1 (sk)

[ File : C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Jozef\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : suggest_url

*************************

AdwCleaner[R0].txt - [2509 octets] - [11/09/2013 07:48:12]
AdwCleaner[S0].txt - [2476 octets] - [11/09/2013 07:50:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2536 octets] ##########


Malwarebytes

I had the malicious items removed and restarted

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2013.09.11.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jozef :: NJ [administrátor]

11.9.2013 8:05:54
mbam-log-2013-09-11 (08-05-54).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 203004
Uplynutý čas: 8 min, 24 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 3
C:\Documents and Settings\Jozef\My Documents\Downloads\Elf_Bowling_Hawaiian_Vacation___Crack.exe (PUP.Optional.OneClickDownloader.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Jozef\My Documents\Downloads\Elf_Bowling_Hawaiian_Vacation_SETUP___CRACK.exe (PUP.Optional.OneClickDownloader.A) -> Pridanie do karantény a zmazanie úspešné.
C:\Documents and Settings\Jozef\My Documents\Downloads\Elf_Bowling_Hawaiian_Vacation_[h33t][oi812heet].exe (PUP.Optional.OneClickDownloader.A) -> Pridanie do karantény a zmazanie úspešné.

(koniec)

Re: I would like to ask for a preventive check

Posted: 11 Sep 2013 09:03
by cernohous13
:arrow: for the MBAM findings, choose "Remove"

:arrow: is there any change for the better? Otherwise give me a new RSIT log

Re: I would like to ask for a preventive check

Posted: 11 Sep 2013 10:10
by Jozefko
No big difference is visible, maybe it just needs some time...
I am attaching the RSIT log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jozef at 2013-09-11 11:08:19
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (13%) free of 24 GB
Total RAM: 895 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:57, on 11.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\Explorer.EXE
C:\WINXP\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINXP\RTHDCPL.EXE
C:\WINXP\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINXP\system32\svchost.exe
C:\WINXP\system32\wuauclt.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
E:\download\RSIT.exe
C:\Program Files\trend micro\Jozef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://thebestgamesonlinefree.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jozef\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2675644421
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINXP\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINXP\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINXP\system32\Ati2evxx.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6965 bytes

======Scheduled tasks folder======

C:\WINXP\tasks\Adobe Flash Player Updater.job
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-616249376-1606980848-1003Core.job
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-616249376-1606980848-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\WINXP\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINXP\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\extensions\
4fc07f965c6d2@4fc07f965c70e.info

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2011-12-23 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2011-12-23 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2006-03-09 344064]
"SkyTel"=C:\WINXP\SkyTel.EXE [2006-05-17 2879488]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-08-20 347192]
"RTHDCPL"=C:\WINXP\RTHDCPL.EXE [2006-05-04 16206848]
"Alcmtr"=C:\WINXP\ALCMTR.EXE [2005-05-03 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"ctfmon.exe"=C:\WINXP\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Jozef\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-09 136176]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Jozef\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-09 136176]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINXP\system32\Ati2evxx.dll [2006-03-09 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINXP\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINXP\system32\wpdshserviceobj.dll [2010-09-16 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINXP\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINXP\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-09-11 08:04:33 ----D---- C:\Documents and Settings\Jozef\Application Data\Malwarebytes
2013-09-11 08:04:17 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-09-11 08:04:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-09-11 08:04:15 ----A---- C:\WINXP\system32\drivers\mbam.sys
2013-09-11 07:48:09 ----D---- C:\AdwCleaner
2013-09-11 07:34:01 ----D---- C:\WINXP\ERUNT
2013-09-10 12:35:30 ----D---- C:\rsit
2013-08-28 21:07:51 ----HDC---- C:\WINXP\$NtUninstallKB2834904-v2_WM11$
2013-08-26 14:36:41 ----A---- C:\WINXP\system32\FNTCACHE.DAT
2013-08-18 21:16:35 ----D---- C:\Program Files\MSXML 4.0
2013-08-17 11:11:30 ----D---- C:\Program Files\Mozilla Firefox
2013-08-17 11:08:22 ----D---- C:\Documents and Settings\Jozef\Application Data\PC Suite
2013-08-17 11:08:15 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2013-08-17 11:04:50 ----D---- C:\Program Files\Common Files\Nokia
2013-08-17 11:04:50 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia
2013-08-17 11:03:31 ----A---- C:\WINXP\system32\drivers\pccsmcfd.sys
2013-08-17 11:03:21 ----D---- C:\Program Files\PC Connectivity Solution
2013-08-17 11:03:00 ----A---- C:\WINXP\system32\nmwcdcls.dll
2013-08-17 11:01:50 ----D---- C:\Program Files\Nokia
2013-08-17 11:01:50 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
2013-08-16 19:16:02 ----D---- C:\WINXP\Elf Bowling Holiday Pack
2013-08-16 19:16:01 ----D---- C:\Program Files\Elf Bowling Holiday Pack
2013-08-16 17:14:26 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2013-08-16 17:13:56 ----D---- C:\WINXP\Elf Bowling - Hawaiian Vacation
2013-08-16 17:13:56 ----D---- C:\Program Files\Elf Bowling - Hawaiian Vacation

======List of files/folders modified in the last 1 month======

2013-09-11 11:08:30 ----D---- C:\WINXP\Temp
2013-09-11 11:08:27 ----D---- C:\Program Files\trend micro
2013-09-11 11:08:20 ----D---- C:\WINXP\Prefetch
2013-09-11 11:04:26 ----A---- C:\WINXP\SchedLgU.Txt
2013-09-11 08:17:46 ----D---- C:\WINXP\system32\drivers
2013-09-11 08:04:15 ----RD---- C:\Program Files
2013-09-11 07:51:35 ----D---- C:\WINXP\system32
2013-09-11 07:34:01 ----D---- C:\WINXP
2013-09-10 20:48:29 ----D---- C:\WINXP\system32\CatRoot2
2013-09-01 12:08:21 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2013-08-28 21:08:01 ----HD---- C:\WINXP\inf
2013-08-28 19:58:31 ----D---- C:\Documents and Settings\Jozef\Application Data\VSO
2013-08-28 07:50:56 ----SHD---- C:\WINXP\Installer
2013-08-28 07:50:47 ----SHD---- C:\Config.Msi
2013-08-28 07:50:37 ----SD---- C:\WINXP\Tasks
2013-08-27 18:21:42 ----D---- C:\Documents and Settings\Jozef\Application Data\vlc
2013-08-26 09:09:19 ----A---- C:\WINXP\system32\FlashPlayerApp.exe
2013-08-18 21:16:43 ----D---- C:\WINXP\WinSxS
2013-08-18 10:44:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-08-17 13:23:31 ----D---- C:\Documents and Settings\Jozef\Application Data\uTorrent
2013-08-17 13:23:03 ----D---- C:\WINXP\Debug
2013-08-17 13:22:44 ----D---- C:\Program Files\CCleaner
2013-08-17 11:22:00 ----A---- C:\WINXP\ModemLog_Standard 33600 bps Modem.txt
2013-08-17 11:04:50 ----D---- C:\Program Files\Common Files
2013-08-17 11:03:31 ----DC---- C:\WINXP\system32\DRVSTORE
2013-08-16 17:15:02 ----D---- C:\WINXP\system32\NtmsData
2013-08-16 17:06:48 ----D---- C:\WINXP\Registration
2013-08-15 18:29:55 ----D---- C:\WINXP\Microsoft.NET
2013-08-15 18:29:51 ----RSD---- C:\WINXP\assembly
2013-08-15 18:21:06 ----A---- C:\WINXP\system32\PerfStringBackup.INI
2013-08-15 16:38:27 ----RSHDC---- C:\WINXP\system32\dllcache
2013-08-15 16:38:24 ----D---- C:\Program Files\Internet Explorer
2013-08-15 16:38:10 ----D---- C:\WINXP\ie8updates
2013-08-15 16:37:58 ----D---- C:\WINXP\system32\MRT
2013-08-15 16:35:27 ----A---- C:\WINXP\system32\MRT.exe
2013-08-15 16:35:17 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINXP\system32\DRIVERS\amdide.sys [2009-07-07 11832]
R0 mv61xxmm;mv61xxmm; C:\WINXP\system32\drivers\mv61xxmm.sys [2010-12-18 5632]
R0 mv64xxmm;mv64xxmm; C:\WINXP\system32\drivers\mv64xxmm.sys [2010-12-18 5632]
R0 mvxxmm;mvxxmm; C:\WINXP\system32\drivers\mvxxmm.sys [2010-12-18 5632]
R0 rimsptsk;rimsptsk; C:\WINXP\system32\DRIVERS\rimsptsk.sys [2004-12-07 51328]
R0 risdptsk;risdptsk; C:\WINXP\system32\DRIVERS\risdptsk.sys [2005-04-19 27136]
R1 avipbb;avipbb; C:\WINXP\system32\DRIVERS\avipbb.sys [2013-08-20 136672]
R1 avkmgr;avkmgr; C:\WINXP\system32\DRIVERS\avkmgr.sys [2013-06-29 37352]
R1 intelppm;Intel Processor Driver; C:\WINXP\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 ssmdrv;ssmdrv; C:\WINXP\system32\DRIVERS\ssmdrv.sys [2013-06-29 28520]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINXP\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 avgntflt;avgntflt; C:\WINXP\system32\DRIVERS\avgntflt.sys [2013-09-07 88840]
R2 irda;IrDA Protocol; C:\WINXP\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 ati2mtag;ati2mtag; C:\WINXP\system32\DRIVERS\ati2mtag.sys [2006-03-09 1506816]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINXP\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINXP\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINXP\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINXP\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Mouse HID Driver; C:\WINXP\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINXP\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]
R3 Rasirda;WAN Miniport (IrDA); C:\WINXP\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINXP\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 SynMini;USB2.0 1.3M WebCam; C:\WINXP\System32\Drivers\SynMini.sys [2006-07-03 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image; C:\WINXP\System32\Drivers\SynScan.sys [2006-06-30 8064]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINXP\system32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINXP\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINXP\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINXP\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINXP\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINXP\System32\Drivers\tosrfusb.sys [2006-02-24 40192]
S3 Ambfilt;Ambfilt; C:\WINXP\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINXP\system32\ASNDIS5.SYS []
S3 BCM43XX;ASUS 802.11 ovládač sieťového adaptéru; C:\WINXP\system32\DRIVERS\bcmwl5.sys [2005-02-12 371712]
S3 CCDECODE;Closed Caption Decoder; C:\WINXP\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Monfilt;Monfilt; C:\WINXP\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINXP\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINXP\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINXP\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINXP\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINXP\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 sdbus;sdbus; C:\WINXP\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINXP\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINXP\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINXP\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINXP\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 usbscan;USB Scanner Driver; C:\WINXP\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINXP\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINXP\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINXP\system32\DRIVERS\WudfPf.sys [2010-09-16 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINXP\system32\DRIVERS\wudfrd.sys [2010-09-16 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-08-20 108088]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-08-20 84024]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINXP\system32\Ati2evxx.exe [2006-03-09 405504]
R2 Irmon;Infrared Monitor; C:\WINXP\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-26 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINXP\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-31 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINXP\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: I would like to ask for a preventive check

Posted: 11 Sep 2013 13:33
by cernohous13
:arrow: Uninstall MBAM

:arrow: Download OTM from one of the links and unpack it, preferably to the desktop.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Run the program "OTM.exe" (on Vista and Win7: right-click and "Run As Administrator").
Into the window below the yellow line, paste the entire text in green from the "Script"

Click the red "MoveIt!"

When a restart is offered, choose "YES"
and you will then find the log in C:\_OTM\MovedFiles\ - post it here for me to check
OTM script

Code:

:Commands
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINXP\tasks\Adobe Flash Player Updater.job
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-616249376-1606980848-1003Core.job
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-616249376-1606980848-1003UA.job
C:\AdwCleaner
C:\Program Files\AVG

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=-
"Google Update"=-
""=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"=-

:Services

:arrow: Run OTM again -> CleanUp! - it will uninstall itself and clean up after itself.

:arrow: You have CCleaner there - clean with "Cleaner" + "Registry"

:arrow: After the cleanup, a defragmentation would be useful
I recommend http://www.slunecnice.cz/sw/defraggler/ + the Czech language pack

Re: I would like to ask for a preventive check

Posted: 12 Sep 2013 06:26
by Jozefko
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jozef
->Temp folder emptied: 3081848 bytes
->Temporary Internet Files folder emptied: 800768 bytes
->FireFox cache emptied: 617749846 bytes
->Google Chrome cache emptied: 11628527 bytes
->Flash cache emptied: 3327 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 44928 bytes

User: NetworkService
->Temp folder emptied: 1866 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 505 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 145948036 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2135454005 bytes

Total Files Cleaned = 2 780,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Jozef
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: Jozef

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\WINXP\system32\*.tmp.dll not found.
File/Folder C:\WINXP\system32\SET*.tmp not found.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11B.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP17B.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP186.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP199.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FD.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP210.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23F.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP252.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP282.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2AE.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D2.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP379.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP45B.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP489.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP58F.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP66.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP678.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP72.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAP88.tmp folder moved successfully.
C:\WINXP\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC9.tmp folder moved successfully.
C:\WINXP\Installer\MSI4.tmp moved successfully.
C:\WINXP\Installer\MSI768.tmp moved successfully.
C:\WINXP\SoftwareDistribution\Download\db6aa510ecf2319725b6f699aa6e9d90\BIT85.tmp moved successfully.
C:\WINXP\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-616249376-1606980848-1003Core.job moved successfully.
C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-616249376-1606980848-1003UA.job moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files\1ClickDownload folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\LocalService\Local Settings\Application Data\AskToolbar folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\LocalService\Local Settings\Application Data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\LocalService\Local Settings folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\LocalService folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\searchplugins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\jetpack\trtv3@trtv.com\simple-storage folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\jetpack\trtv3@trtv.com folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default\jetpack folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data\Mozilla folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef\Application Data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jozef folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\temp folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\fd folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\fc folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\fb folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\f9 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\f0 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\ee folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\e6 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\e5 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\e1 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\de folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\d1 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\c5 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\c2 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\c1 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\c0 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\bb folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\b8 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\b4 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\af folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\ab folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\a9 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\a4 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\a3 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\a0 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\9e folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\9d folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\9b folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\99 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\8d folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\8a folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\86 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\85 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\84 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\81 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\7a folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\71 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\70 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\6f folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\6d folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\69 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\66 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\65 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\5e folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\5d folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\5c folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\5b folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\58 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\52 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\4c folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\4b folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\4a folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\49 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\46 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\41 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\3e folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\39 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\33 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\2c folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\2b folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\27 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\21 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\20 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\1f folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\1d folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\1c folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\19 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\18 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\16 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\14 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\0c folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\09 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\05 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\02 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache\00 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\webcache folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\skins\multilang\3.1.3.1276\wdata\images folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\skins\multilang\3.1.3.1276\wdata folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\skins\multilang\3.1.3.1276 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\skins\multilang folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\skins folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\5691\wdata\multilang\3.1.3.1276 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\5691\wdata\multilang folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\5691\wdata folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\5691\download folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660\5691 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content\1660 folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper\content folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\AlawarWrapper folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users folder moved successfully.
C:\AdwCleaner\Quarantine\C\Documents and Settings folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles\y1x7p1pd.default folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox\Profiles folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Jozef\Application Data\Mozilla\Firefox folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Jozef\Application Data\Mozilla folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Jozef\Application Data folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings\Jozef folder moved successfully.
C:\AdwCleaner\Backup\C\Documents and Settings folder moved successfully.
C:\AdwCleaner\Backup\C folder moved successfully.
C:\AdwCleaner\Backup folder moved successfully.
C:\AdwCleaner folder moved successfully.
C:\Program Files\AVG\AVG2013 folder moved successfully.
C:\Program Files\AVG folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\AVG\AVG2013\avgmfapx.exe deleted successfully.
========== SERVICES/DRIVERS ==========

OTM by OldTimer - Version 3.1.21.0 log created on 09122013_070430

Re: I would like to ask for a preventive check

Posted: 12 Sep 2013 06:58
by cernohous13
It looks like your system is clean - are there any remaining problems? Or can I clean up after myself?

Re: I would like to ask for a preventive check

Posted: 12 Sep 2013 07:10
by Jozefko
This PC is OK now, thank you, but if possible I would like to have the second one cleaned up as well, since my girls use this one too. I am attaching the RSIT log.
Logfile of random's system information tool 1.09 (written by random/random)
Run by hp at 2013-09-12 08:10:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 116 GB (76%) free of 152 GB
Total RAM: 2002 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:10:55, on 12. 9. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\AMT\atchk.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\preberanie z internetu\RSIT.exe
C:\Program Files\trend micro\hp.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Nikon Monitor.lnk = C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9931346906
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Program Files\Intel\AMT\UNS.exe

--
End of file - 7875 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\hp\Application Data\Mozilla\Firefox\Profiles\pqmu0f1a.default

prefs.js - "browser.startup.homepage" - "http://www.sme.sk/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Documents and Settings\hp\Application Data\Mozilla\Firefox\Profiles\pqmu0f1a.default\extensions\
info@djzig.com
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"atchk"=C:\Program Files\Intel\AMT\atchk.exe [2007-06-07 408344]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-12-12 143360]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-12-12 172032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-12-12 143360]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-12-11 1044480]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-07-17 888832]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"CanonQuickMenu"=C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-08-14 1601488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Nikon Monitor.lnk]
C:\PROGRA~1\COMMON~1\Nikon\Monitor\NKMONI~1.EXE [2007-10-18 479232]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Nikon Monitor.lnk - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-12-12 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-09-12 08:10:48 ----D---- C:\rsit
2013-09-12 08:10:48 ----D---- C:\Program Files\trend micro
2013-09-12 06:07:26 ----D---- C:\WINDOWS\LastGood
2013-09-02 11:22:58 ----D---- C:\Program Files\Common Files\muvee Technologies
2013-09-02 11:22:51 ----D---- C:\Documents and Settings\All Users\Application Data\Nikon
2013-09-01 23:53:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-19 07:09:44 ----D---- C:\Program Files\Mozilla Firefox
2013-08-18 07:11:41 ----D---- C:\Program Files\Common Files\Nokia
2013-08-18 07:10:19 ----D---- C:\Program Files\PC Connectivity Solution
2013-08-18 07:09:58 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2013-08-18 07:02:42 ----D---- C:\Program Files\AskPartnerNetwork
2013-08-18 07:02:42 ----D---- C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
2013-08-18 07:02:42 ----D---- C:\Config.Msi
2013-08-18 06:59:18 ----D---- C:\Program Files\VS Revo Group
2013-08-18 06:41:02 ----A---- C:\WINDOWS\Plants vs Zombies - Game of the Year Uninstaller.exe.bak
2013-08-18 06:40:59 ----D---- C:\Program Files\Plants vs Zombies - Game of the Year
2013-08-18 05:45:46 ----D---- C:\Program Files\PC Connectivity Solution(2)
2013-08-15 13:40:16 ----D---- C:\Documents and Settings\All Users\Application Data\APN
2013-08-14 21:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-08-14 21:41:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-08-14 21:41:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-08-14 21:41:20 ----A---- C:\WINDOWS\imsins.BAK
2013-08-14 21:41:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$

======List of files/folders modified in the last 1 month======

2013-09-12 08:10:48 ----RD---- C:\Program Files
2013-09-12 06:41:39 ----D---- C:\WINDOWS\Temp
2013-09-12 06:09:14 ----HD---- C:\WINDOWS\inf
2013-09-12 06:07:50 ----D---- C:\WINDOWS\Prefetch
2013-09-12 06:07:49 ----D---- C:\WINDOWS
2013-09-12 06:07:23 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-12 05:59:10 ----A---- C:\WINDOWS\system32\log.txt
2013-09-11 22:52:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-09-11 19:54:58 ----D---- C:\WINDOWS\system32
2013-09-11 19:54:58 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-09 18:24:16 ----A---- C:\WINDOWS\NeroDigital.ini
2013-09-06 19:35:11 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2013-09-03 13:45:15 ----D---- C:\Documents and Settings\hp\Application Data\vlc
2013-09-02 18:17:37 ----D---- C:\Documents and Settings\hp\Application Data\uTorrent
2013-09-02 11:59:08 ----D---- C:\WINDOWS\system32\CatRoot
2013-09-02 11:57:20 ----D---- C:\WINDOWS\system32\drivers
2013-09-02 11:23:35 ----SHD---- C:\WINDOWS\Installer
2013-09-02 11:23:29 ----D---- C:\Program Files\Common Files\Nikon
2013-09-02 11:23:05 ----D---- C:\WINDOWS\WinSxS
2013-09-02 11:22:58 ----D---- C:\Program Files\Common Files
2013-09-02 11:22:50 ----D---- C:\Program Files\Nikon
2013-09-02 11:22:30 ----A---- C:\WINDOWS\system32\ATL71.DLL
2013-08-19 14:05:29 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-08-18 07:10:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-08-18 07:09:57 ----D---- C:\Program Files\Nokia
2013-08-18 07:06:41 ----SD---- C:\WINDOWS\Tasks
2013-08-18 07:04:43 ----D---- C:\WINDOWS\system32\config
2013-08-18 07:04:26 ----D---- C:\WINDOWS\system32\wbem
2013-08-18 07:04:24 ----D---- C:\WINDOWS\Registration
2013-08-18 07:02:13 ----D---- C:\WINDOWS\system32\Restore
2013-08-14 21:51:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-08-14 21:51:55 ----D---- C:\Program Files\Internet Explorer
2013-08-14 21:51:44 ----D---- C:\WINDOWS\ie8updates
2013-08-14 21:50:51 ----D---- C:\WINDOWS\assembly
2013-08-14 21:46:16 ----D---- C:\WINDOWS\Microsoft.NET
2013-08-14 21:45:58 ----D---- C:\WINDOWS\system32\MRT
2013-08-14 21:45:58 ----D---- C:\WINDOWS\Debug
2013-08-14 21:45:48 ----A---- C:\WINDOWS\system32\MRT.exe
2013-08-14 21:45:43 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-08-14 21:43:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-06-28 175176]
R0 SFAUDIO;Sonic Focus DSP Driver; C:\WINDOWS\system32\drivers\sfaudio.sys [2008-03-28 24064]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-12-11 338944]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2009-03-12 112896]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2009-09-04 239120]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2009-09-18 45184]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HssDrv;Hotspot Shield Routing Miniport; C:\WINDOWS\system32\DRIVERS\HssDrv.sys [2012-08-01 39656]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-12-12 6048768]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2008-07-23 44800]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2012-08-01 33512]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-08-14 164816]
R2 atchksrv;Intel(R) Active Management Technology System Status Service; C:\Program Files\Intel\AMT\atchksrv.exe [2007-06-07 183064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-06-12 182184]
R2 LMS;Intel(R) Active Management Technology Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2007-06-07 109336]
R2 UNS;Intel(R) Active Management Technology User Notification Service; C:\Program Files\Intel\AMT\UNS.exe [2007-06-07 2521880]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11 257416]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-19 117656]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]

-----------------EOF-----------------

Re: I would like to ask for a preventive check

Posted: 12 Sep 2013 16:43
by cernohous13
All right, let's start cleaning PC no. 2 :wink:

:arrow: Download Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
Save it, preferably to the desktop
Close all programs and double-click SC to run it
A scan will run and then a log will appear; it may also be saved in the location it was run from as sc-cleaner.txt. Paste its contents here

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Save it to the desktop and run it - the license terms will be displayed -> press any key to start.
A backup will be created and a scan will run.
A log will pop up (or it is saved at c:\JRT as JRT.txt) - copy it here

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it, preferably to the desktop -> close all programs -> run AdwCleaner -> click Search and, when it finishes, Clean
the repair will be performed, the computer will restart (restart it yourself if needed) and the log C:\AdwCleaner\AdwCleaner[S?].txt will appear; paste its contents here

Re: I would like to ask for a preventive check

Posted: 13 Sep 2013 06:12
by Jozefko
Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 09/13/2013 07:12:02 AM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Documents and Settings\hp\Start Menu\

Searching C:\Documents and Settings\All Users\Start Menu\

Searching C:\Documents and Settings\hp\Application Data\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Documents and Settings\All Users\Desktop\

Searching C:\Documents and Settings\hp\Desktop


0 bad shortcuts found.

Program finished at: 09/13/2013 07:12:04 AM
Execution time: 0 hours(s), 0 minute(s), and 1 seconds(s)

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Microsoft Windows XP x86
Ran by hp on pi 13. 09. 2013 at 7:13:32,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] APNMCP
Successfully deleted: [Service] APNMCP



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\apn"
Successfully deleted: [Folder] "C:\Documents and Settings\hp\Application Data\pdfforge"
Successfully deleted: [Folder] "C:\Program Files\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files\askpartnernetwork"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\hp\Application Data\mozilla\firefox\profiles\pqmu0f1a.default\user.js
Emptied folder: C:\Documents and Settings\hp\Application Data\mozilla\firefox\profiles\pqmu0f1a.default\minidumps [3 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 13. 09. 2013 at 7:18:40,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.003 - Report created 13/09/2013 at 07:22:55
# Updated 07/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : hp - FS
# Running from : G:\preberanie z internetu\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
Folder Deleted : C:\Documents and Settings\hp\IECompatCache
Folder Deleted : C:\DOCUME~1\hp\LOCALS~1\Temp\apn

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v23.0.1 (sk)

[ File : C:\Documents and Settings\hp\Application Data\Mozilla\Firefox\Profiles\pqmu0f1a.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

*************************

AdwCleaner[R0].txt - [1434 octets] - [13/09/2013 07:22:28]
AdwCleaner[S0].txt - [1379 octets] - [13/09/2013 07:22:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1439 octets] ##########

Re: I would like to ask for a preventive check

Posted: 13 Sep 2013 06:33
by cernohous13
OK :thumbsup:

We'll add MBAM
:arrow: Download and install MBAM here http://www.malwarebytes.org/products/malwarebytes_free/
Run it -> on the 3rd tab "Update" -> Check for Updates
then on the 1st tab "Scanner" -> Quick scan -> Scan
when the scan finishes, a Notepad window will pop up with the result - copy its contents into your reply
do not delete anything yet - wait for the assessment

Re: I would like to ask for a preventive check

Posted: 13 Sep 2013 06:51
by Jozefko
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2013.09.13.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
hp :: FS [administrátor]

13. 9. 2013 7:44:58
MBAM-log-2013-09-13 (07-50-54).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 232654
Uplynutý čas: 5 min, 21 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 1
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 4
C:\Documents and Settings\hp\Local Settings\Temp\AskPIP_FF_.exe (PUP.Optional.BundledToolBar.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\hp\Local Settings\Temp\nQCJykE_.exe.part (PUP.Optional.OneClickDownloader.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\hp\Local Settings\Temp\nsq49.tmp (PUP.Optional.Somoto.A) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\hp\Local Settings\Temp\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Žiadna úloha nevykonaná.

(koniec)

Re: I would like to ask for a preventive check

Posted: 13 Sep 2013 13:33
by cernohous13
Run MBAM again - Scanner -> select Full scan
:arrow: when it finishes -> Show Results -> check that everything is selected -> Remove Selected
a log will pop up containing entries of this type:
Nalezené soubory
C:\Program Files\xxxxxx -> Umístnění do karantény a smazání se zdařilo..(Quarantined and deleted successfully)
I'd like to see that one too :)

Re: I would like to ask for a preventive check

Posted: 13 Sep 2013 21:26
by Jozefko
I had it deleted only after I had the log made... I went into the quarantine and had everything deleted.. I hope I didn't.... wreck it


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2013.09.13.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
hp :: FS [administrátor]

13. 9. 2013 21:28:45
MBAM-log-2013-09-13 (22-22-39).txt

Typ kontroly: Úplná kontrola (C:\|D:\|E:\|F:\|G:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 284924
Uplynutý čas: 44 min, 59 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 8
C:\Documents and Settings\hp\My Documents\APNSetup.exe (PUP.Optional.ASKToolbar.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{9B27BEB0-16AE-4024-A727-6F520997558C}\RP298\A0058597.rbf (PUP.Optional.ASKToolbar.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{9B27BEB0-16AE-4024-A727-6F520997558C}\RP328\A0061859.exe (PUP.Optional.ASKToolbar.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{9B27BEB0-16AE-4024-A727-6F520997558C}\RP274\A0050425.exe (PUP.Optional.OptimizePro.A) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{9B27BEB0-16AE-4024-A727-6F520997558C}\RP275\A0051380.exe (PUP.Optional.Somoto.A) -> Žiadna úloha nevykonaná.
G:\preberanie z internetu\DAEMON.Tools.Lite.v4.47.1.exe (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
G:\preberanie z internetu\Adobe photoshop CS 3 cz full version by steven\keygen.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
G:\RECYCLER\S-1-5-21-1123561945-1035525444-1801674531-1003\Dg34.exe (PUP.Optional.Somoto) -> Žiadna úloha nevykonaná.

(koniec)