VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

SpyHunter

https://forum.viry.cz:443/viewtopic.php?t=133147

Stránka 1 z 2

SpyHunter

Napsal: 03 říj 2013 07:49
od kory
Dobrý den ,měl jsem před časem nainstalovaný Spy hunter ,ale jak jsem ho odinstaloval ,tak po startu windows
pokaždé napíše hlášku Enigma Software Group,LLC Custom Removal in Action a pak to dokončí viz foto.Nevím
jak se toho zbavit všechno jsem prošel po spuštění,registry ,hledal jsem to vším možným ,ale nic jsem nenašel.

Re: SpyHunter

Napsal: 03 říj 2013 20:39
od ŠlapetkaCZ
Zdravím,
zkuste svůj problém dát do řešení logů, protože mohli zůstat zbytky v registrech a nyní Vám to dělá neplechu.

Re: SpyHunter

Napsal: 03 říj 2013 21:21
od vyosek
Zdravim :)

:arrow: Nove tema nezakladejte, pokracujte tady...

:arrow: Ono ne nadarmo se SpyHunter popisuje na renomovanych forech takto
quietman píše:SpyHunter by Enigma Software is a program that was previously listed as a rogue product on the Rogue/Suspect Anti-Spyware Products List because of the company's history of employing aggressive and deceptive advertising. It has since been delisted but in my opinion it is a dubious program which is not very effective compared to others with a proven track record and I would not trust all the detections provided by its scanning engine.

When searching for unfamiliar or unknown malware on the Internet, it is not unusual to find numerous hits from untrustworthy and scam sites which misclassify detections or provide misleading information. This is deliberately done more as a scam to entice folks into buying an advertised fix or removal tool. SpyHunter is one of those so-called removal tools pushed by these sites.
A jeste jeden nazor ze http://spywarewarrior.com
Note on Enigma SpyHunter: Enigma's SpyHunter anti-spyware application was listed on this page primarily because of the company's history of employing aggressive, deceptive advertising (1, 2, 3, 4, 5). The company was also known for exploiting the name "spybot" in its domain names and online advertising. These objectionable business practices were employed primarily from late-2002 to mid-2004.

Sometime during summer of 2004 the company halted the most obnoxious and objectionable aspects of its online advertising. It also unloaded all the "spybot" domains (which were promptly picked up by Paretologic for its XoftSpy anti-spyware application).

While there are still unresolved allegations that SpyHunter transmits the Windows Product ID from users' PCs (1), we can no longer classify this application as "rogue/suspect." Nonetheless, SpyHunter -- at least in its current state -- cannot be recommended because of its mediocre performance as an anti-spyware scanner. Testing indicates that it does not recognize some well-known spyware installations and has difficulty removing critical spyware/adware files even from those it does recognize (1). Given the many excellent competing anti-spyware applications that are available (some for free), users would do better looking elsewhere for trustworthy anti-spyware protection.
:arrow: Dejte sem log z RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784 a mrknem na to...

Re: SpyHunter

Napsal: 04 říj 2013 07:29
od kory
Dík za odezvu tady je : budu tady až v pondělí večer


Logfile of random's system information tool 1.06 (written by random/random)
Run by kory at 2013-10-04 08:27:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 18 GB (8%) free of 238 GB
Total RAM: 3199 MB (83% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PB-7D1560991FC9-kory.job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-12-29 15635896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-01-03 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-03-27 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-08-18 925960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-12 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2012-12-29 108984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-12-19 16062464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-12 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^TotalMedia Server.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^TP-LINK Wireless Configuration Utility.lnk]
C:\PROGRA~1\TP-LINK\TP-LIN~1\TWCU.exe [2011-04-11 788992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kory^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE [2010-03-29 227712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Microsoft SharePoint Workspace Audit Service"=3
"osppsvc"=3
"ose"=3
"JavaQuickStarterService"=2
"FlowFinder3MonstersOFX32"=2
"Transbase"=3
"ACS"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktop"=0
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\CyberLink\PowerDVD10\PowerDVD10.exe"="C:\Program Files\CyberLink\PowerDVD10\PowerDVD10.exe:*:Enabled:CyberLink PowerDVD 10.0"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\kory\Local Settings\Temp\7zS7340\HPDiagnosticCoreUI.exe"="C:\Documents and Settings\kory\Local Settings\Temp\7zS7340\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"
"C:\Documents and Settings\kory\Local Settings\Temp\7zS1389\HPDiagnosticCoreUI.exe"="C:\Documents and Settings\kory\Local Settings\Temp\7zS1389\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\theHunter\launcher\launcher.exe"="C:\Program Files\theHunter\launcher\launcher.exe:*:Enabled:theHunter Launcher"
"C:\Program Files\theHunter\game\theHunter.exe"="C:\Program Files\theHunter\game\theHunter.exe:*:Enabled:theHunter"
"C:\Program Files\Woodcutter Simulator 2013\iupdate.dll"="C:\Program Files\Woodcutter Simulator 2013\iupdate.dll:*:Enabled:Woodcutter Simulator 2013"
"C:\Program Files\Woodcutter Simulator 2013\woodcutter2013.dll"="C:\Program Files\Woodcutter Simulator 2013\woodcutter2013.dll:*:Enabled:Woodcutter Simulator 2013"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe:*:Enabled:CyberLink PowerDVD13"
"C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe"="C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe:*:Enabled:CyberLink PowerDVD 13 Media Server Service"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe:*:Enabled:CyberLink PowerDVD13 Agent"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe:*:Enabled:CyberLink PowerDVD13 Moovie Live"
"C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe:*:Enabled:CyberLink PowerDVD13 Movie Module"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD10\PowerDVD10.exe"="C:\Program Files\CyberLink\PowerDVD10\PowerDVD10.exe:*:Enabled:CyberLink PowerDVD 10.0"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe:*:Enabled:CyberLink PowerDVD13"
"C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe"="C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe:*:Enabled:CyberLink PowerDVD 13 Media Server Service"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe:*:Enabled:CyberLink PowerDVD13 Agent"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe:*:Enabled:CyberLink PowerDVD13 Moovie Live"
"C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe:*:Enabled:CyberLink PowerDVD13 Movie Module"

======List of files/folders created in the last 1 months======

2013-10-04 07:43:47 ----D---- C:\Program Files\trend micro
2013-10-04 07:43:46 ----D---- C:\rsit
2013-09-30 09:54:57 ----D---- C:\Program Files\CyberLink
2013-09-10 19:20:43 ----D---- C:\Documents and Settings\kory\Data aplikací\Malwarebytes
2013-09-10 19:20:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-09-10 19:19:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of files/folders modified in the last 1 months======

2013-10-04 08:26:07 ----D---- C:\WINDOWS\Prefetch
2013-10-04 08:25:53 ----D---- C:\WINDOWS\Temp
2013-10-04 07:43:47 ----D---- C:\Program Files
2013-10-03 20:18:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-03 09:02:28 ----D---- C:\Documents and Settings\kory\Data aplikací\AIMP
2013-10-02 21:06:07 ----SHD---- C:\WINDOWS\Installer
2013-10-02 21:05:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-10-02 16:07:37 ----D---- C:\WINDOWS
2013-09-30 18:18:44 ----D---- C:\WINDOWS\system32
2013-09-30 16:30:54 ----D---- C:\Documents and Settings\kory\Data aplikací\uTorrent
2013-09-30 12:22:27 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-30 10:36:15 ----D---- C:\Documents and Settings\kory\Data aplikací\ArcSoft
2013-09-30 10:33:32 ----D---- C:\WINDOWS\system32\drivers
2013-09-30 09:58:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2013-09-30 09:58:09 ----D---- C:\Documents and Settings\kory\Data aplikací\CyberLink
2013-09-30 09:56:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\install_clap
2013-09-30 09:56:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\PDVD
2013-09-30 09:54:49 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-09-30 09:54:48 ----HD---- C:\Program Files\InstallShield Installation Information
2013-09-19 18:48:55 ----SD---- C:\WINDOWS\Tasks
2013-09-14 17:07:49 ----A---- C:\WINDOWS\system32\ssprs.dll
2013-09-14 17:07:49 ----A---- C:\WINDOWS\system32\lsprst7.dll
2013-09-11 11:50:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-09-11 08:49:49 ----D---- C:\Program Files\PhotoFiltre Studio X
2013-09-06 11:21:03 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2013-08-30 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-08-30 56080]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2013/09/30 09:56:43]; \??\C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2009-09-17 92712]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\WINDOWS\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R3 AR5416;Wireless PCI Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2011-04-11 1606976]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-21 4405248]
R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2011-04-11 57440]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-29 10686200]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2005-11-02 10368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2011-04-11 58208]
S1 ArcCtrl;ArcCtrl; C:\WINDOWS\system32\drivers\ArcCtrl.sys []
S1 ArcSec;ArcSec; C:\WINDOWS\system32\drivers\ArcSec.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\DRIVERS\zumbus.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-27 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-27 61824]
S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-05-06 232064]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [2011-04-11 360529]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2011-04-11 499796]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 CyberLink PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [2013-07-05 77576]
S4 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [2013-07-05 327432]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-19 153376]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-12-29 157112]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Re: SpyHunter

Napsal: 04 říj 2013 16:23
od cernohous13
Zdravím a doporučuji odinstalovat nelegální Office a zbytečný Spybot
pak nový RSIT - kolega by mohl být nepříjemný :D

Re: SpyHunter

Napsal: 04 říj 2013 21:18
od vyosek
Diky kolegovi za vstup, az bude splneno co psal, tak budem pokracovat :)

Re: SpyHunter

Napsal: 07 říj 2013 22:15
od kory
office mám ofiko ale kms tam byl z dřívější doby ,spybotem jsem někdy proskenoval jinak nebyl spuštěn



Logfile of random's system information tool 1.06 (written by random/random)
Run by kory at 2013-10-07 23:02:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 31 GB (13%) free of 238 GB
Total RAM: 3199 MB (84% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-12-29 15635896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-01-03 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-03-27 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-08-18 925960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-12 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2012-12-29 108984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-12-19 16062464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-12 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^TotalMedia Server.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^TP-LINK Wireless Configuration Utility.lnk]
C:\PROGRA~1\TP-LINK\TP-LIN~1\TWCU.exe [2011-04-11 788992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kory^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Microsoft SharePoint Workspace Audit Service"=3
"osppsvc"=3
"ose"=3
"JavaQuickStarterService"=2
"FlowFinder3MonstersOFX32"=2
"Transbase"=3
"ACS"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktop"=0
"NoActiveDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\kory\Local Settings\Temp\7zS7340\HPDiagnosticCoreUI.exe"="C:\Documents and Settings\kory\Local Settings\Temp\7zS7340\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"
"C:\Documents and Settings\kory\Local Settings\Temp\7zS1389\HPDiagnosticCoreUI.exe"="C:\Documents and Settings\kory\Local Settings\Temp\7zS1389\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\theHunter\launcher\launcher.exe"="C:\Program Files\theHunter\launcher\launcher.exe:*:Enabled:theHunter Launcher"
"C:\Program Files\theHunter\game\theHunter.exe"="C:\Program Files\theHunter\game\theHunter.exe:*:Enabled:theHunter"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe:*:Enabled:CyberLink PowerDVD13"
"C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe"="C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe:*:Enabled:CyberLink PowerDVD 13 Media Server Service"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe:*:Enabled:CyberLink PowerDVD13 Agent"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe:*:Enabled:CyberLink PowerDVD13 Moovie Live"
"C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe:*:Enabled:CyberLink PowerDVD13 Movie Module"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe:*:Enabled:CyberLink PowerDVD13"
"C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe"="C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe:*:Enabled:CyberLink PowerDVD 13 Media Server Service"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe:*:Enabled:CyberLink PowerDVD13 Agent"
"C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe"="C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe:*:Enabled:CyberLink PowerDVD13 Moovie Live"
"C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe:*:Enabled:CyberLink PowerDVD13 Movie Module"

======List of files/folders created in the last 1 months======

2013-10-07 20:56:03 ----SHD---- C:\Config.Msi
2013-10-04 07:43:47 ----D---- C:\Program Files\trend micro
2013-10-04 07:43:46 ----D---- C:\rsit
2013-09-30 09:54:57 ----D---- C:\Program Files\CyberLink

======List of files/folders modified in the last 1 months======

2013-10-07 22:58:19 ----SD---- C:\WINDOWS\Tasks
2013-10-07 22:54:41 ----D---- C:\WINDOWS\Prefetch
2013-10-07 22:46:01 ----D---- C:\Documents and Settings\kory\Data aplikací\CyberLink
2013-10-07 22:13:22 ----D---- C:\WINDOWS\Temp
2013-10-07 22:12:34 ----D---- C:\Program Files\CCleaner
2013-10-07 22:09:03 ----D---- C:\WINDOWS
2013-10-07 22:03:21 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-10-07 21:30:10 ----D---- C:\Program Files
2013-10-07 21:28:00 ----D---- C:\Program Files\Common Files
2013-10-07 21:11:11 ----D---- C:\WINDOWS\system32\drivers
2013-10-07 21:11:08 ----SHD---- C:\WINDOWS\Installer
2013-10-07 20:59:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-10-07 20:59:31 ----RSD---- C:\WINDOWS\assembly
2013-10-07 20:59:21 ----D---- C:\Program Files\Microsoft.NET
2013-10-07 20:59:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-10-07 20:58:25 ----RSD---- C:\WINDOWS\Fonts
2013-10-07 20:58:17 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-10-07 20:58:04 ----D---- C:\WINDOWS\system32
2013-10-07 20:54:55 ----HD---- C:\WINDOWS\inf
2013-10-03 09:02:28 ----D---- C:\Documents and Settings\kory\Data aplikací\AIMP
2013-09-30 16:30:54 ----D---- C:\Documents and Settings\kory\Data aplikací\uTorrent
2013-09-30 12:22:27 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-30 09:58:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2013-09-30 09:56:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\install_clap
2013-09-30 09:56:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\PDVD
2013-09-30 09:54:49 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-09-30 09:54:48 ----HD---- C:\Program Files\InstallShield Installation Information
2013-09-14 17:07:49 ----A---- C:\WINDOWS\system32\ssprs.dll
2013-09-14 17:07:49 ----A---- C:\WINDOWS\system32\lsprst7.dll
2013-09-11 08:49:49 ----D---- C:\Program Files\PhotoFiltre Studio X

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2013-08-30 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-08-30 56080]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2013/09/30 09:56:43]; \??\C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2009-09-17 92712]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\WINDOWS\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R3 AR5416;Wireless PCI Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2011-04-11 1606976]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-21 4405248]
R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2011-04-11 57440]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-29 10686200]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2005-11-02 10368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2011-04-11 58208]
S1 ArcCtrl;ArcCtrl; C:\WINDOWS\system32\drivers\ArcCtrl.sys []
S1 ArcSec;ArcSec; C:\WINDOWS\system32\drivers\ArcSec.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\DRIVERS\zumbus.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-27 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-27 61824]
S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-05-06 232064]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [2011-04-11 360529]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2011-04-11 499796]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 CyberLink PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [2013-07-05 77576]
S4 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [2013-07-05 327432]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-19 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-12-29 157112]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Re: SpyHunter

Napsal: 08 říj 2013 07:52
od vyosek
Poprosim o log z FRSTL http://forum.viry.cz/viewtopic.php?f=24&t=132509

Re: SpyHunter

Napsal: 08 říj 2013 08:09
od kory
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by kory (administrator) on PB-7D1560991FC9 on 08-10-2013 09:02:50
Running from C:\Documents and Settings\kory\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe
(forum.viry.cz) C:\Documents and Settings\kory\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [Alcmtr] - C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKCU\...\Policies\system: [EnableLUA] 0
HKU\Default User\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\LocalService\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\UpdatusUser\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
BootExecute: autocheck autochk * sh4native Sh4Removal

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {DA9BD144-37DB-4C47-9C2E-BB9104FFE825} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {DA9BD144-37DB-4C47-9C2E-BB9104FFE825} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR Extension: () - C:\DOCUME~1\kory\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\fbephpdejkehiohdhedkphnmphcoafdk\1

========================== Services (Whitelisted) =================

S4 ACS; C:\WINDOWS\system32\acs.exe [499796 2011-04-11] (Atheros)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S4 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
S4 CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
S3 jswpsapi; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [360529 2011-04-11] (wireless)
S4 ADExchange;
S4 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1606976 2011-04-11] (Atheros Communications, Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
R3 JSWSCIMD; C:\Windows\System32\DRIVERS\jswscimd.sys [57440 2011-04-11] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2005-11-02] (Padus, Inc.)
R2 thdudf; C:\Windows\System32\DRIVERS\thdudf.sys [66944 2006-11-11] (TOSHIBA Corporation)
R0 TPkd; C:\Windows\System32\Drivers\TPkd.sys [93232 2008-09-08] (PACE Anti-Piracy, Inc.)
R3 WSIMD; C:\Windows\System32\DRIVERS\wsimd.sys [58208 2011-04-11] (Atheros Communications, Inc.)
S3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [232064 2005-05-06] (Marvell)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-07-06] (CyberLink Corp.)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [x]
S1 ArcSec; system32\drivers\ArcSec.sys [x]
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [x]
S4 IntelIde; No ImagePath
S3 RT61; system32\DRIVERS\RT61.sys [x]
U1 WS2IFSL;
S2 zumbus; system32\DRIVERS\zumbus.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-08 09:02 - 2013-10-08 09:02 - 00000000 ____D C:\FRST
2013-10-08 09:01 - 2013-10-08 09:01 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\kory\Plocha\FRSTLauncher.exe
2013-10-08 08:59 - 2013-10-08 08:59 - 01087213 _____ (Farbar) C:\Documents and Settings\kory\Plocha\FRST.exe
2013-10-08 08:56 - 2013-10-08 08:56 - 00001525 _____ C:\Documents and Settings\All Users\Plocha\mkvmerge GUI.lnk
2013-10-08 08:56 - 2013-10-08 08:56 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\MKVToolNix
2013-10-08 08:44 - 2013-10-08 08:44 - 00000821 _____ C:\Documents and Settings\kory\Plocha\tsMuxerGUI.lnk
2013-10-08 08:35 - 2013-10-08 08:35 - 02806952 _____ C:\Documents and Settings\kory\Dokumenty\tsMuxeR_1.12.14b.zip
2013-10-08 07:54 - 2013-10-08 07:56 - 112060463 _____ C:\Documents and Settings\kory\Dokumenty\Aplikace Nokia Pro Cam - Stereo video pro Lumia 820, Lumia 920 ....mp4
2013-10-08 06:39 - 2013-10-08 06:39 - 00000000 ___HD C:\WINDOWS\PIF
2013-10-07 23:53 - 2013-10-07 23:53 - 00000841 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-07 22:11 - 2013-10-07 22:11 - 04369632 _____ (Piriform Ltd) C:\Documents and Settings\kory\Dokumenty\ccsetup406.exe
2013-10-04 07:43 - 2013-10-07 23:02 - 00000000 ____D C:\rsit
2013-10-04 07:43 - 2013-10-07 23:02 - 00000000 ____D C:\Program Files\trend micro
2013-10-04 07:43 - 2013-10-04 07:43 - 00781909 _____ C:\Documents and Settings\kory\Plocha\RSIT.exe
2013-10-03 08:37 - 2013-10-03 08:37 - 01278372 _____ C:\Documents and Settings\kory\Plocha\Track 2013-08-17 10_32.gpx
2013-10-02 16:07 - 2013-10-04 13:34 - 00000130 _____ C:\WINDOWS\pink
2013-10-02 16:07 - 2013-10-02 16:08 - 00000000 ____D C:\Documents and Settings\kory\Plocha\rytir hra
2013-10-02 16:07 - 2013-10-02 16:07 - 05846158 _____ C:\Documents and Settings\kory\Plocha\wf.zip
2013-09-30 17:54 - 2013-09-30 19:08 - 682168321 _____ C:\Documents and Settings\kory\Dokumenty\Ucastnici-zajezdu.avi
2013-09-30 09:58 - 2013-09-30 09:58 - 00000000 ____D C:\Documents and Settings\kory\Local Settings\Data aplikací\Cyberlink SoftDMA
2013-09-30 09:58 - 2013-09-30 09:58 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\CyberLink
2013-09-30 09:56 - 2013-09-30 09:56 - 00001808 _____ C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD 13.lnk
2013-09-30 09:56 - 2013-09-30 09:56 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\MediaServer
2013-09-30 09:56 - 2013-09-30 09:56 - 00000000 ____D C:\Documents and Settings\kory\CyberLink
2013-09-30 09:56 - 2013-09-30 09:56 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CyberLink PowerDVD 13
2013-09-30 09:54 - 2013-09-30 09:54 - 00000000 ____D C:\Program Files\CyberLink
2013-09-28 22:45 - 2013-09-30 09:31 - 09743083 _____ (Moritz Bunkus) C:\Documents and Settings\kory\Dokumenty\mkvtoolnix-unicode-6.4.1-setup.exe
2013-09-28 07:41 - 2013-09-28 07:41 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\045662
2013-09-24 06:04 - 2013-09-24 06:04 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\Nabijecka_ze_zdroje_PC
2013-09-24 06:01 - 2011-11-22 17:37 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\Kniha Inteligentní nabíječky
2013-09-24 05:51 - 2013-09-24 05:57 - 118697383 _____ C:\Documents and Settings\kory\Dokumenty\Kniha-Inteligentní-nabíječky.rar
2013-09-11 07:06 - 2013-09-11 07:06 - 00042348 _____ C:\Documents and Settings\kory\Dokumenty\kyo126.xps
2013-09-11 06:48 - 2013-09-11 06:48 - 11611134 _____ C:\Documents and Settings\kory\Dokumenty\onkyo.bmp
2013-09-10 00:25 - 2013-09-10 00:26 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\FLASH
2013-09-10 00:23 - 2010-08-07 15:38 - 07997251 _____ (AIMP DevTeam) C:\Documents and Settings\kory\Dokumenty\aimp_2.61.583.exe
2013-09-08 16:39 - 2013-09-08 16:39 - 00001460 _____ C:\Documents and Settings\All Users\Plocha\Counter-Strike Source.lnk
2013-09-08 16:39 - 2013-09-08 16:39 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Counter-Strike Source
2013-09-08 16:24 - 2013-09-08 16:39 - 00000000 ____D C:\Documents and Settings\kory\Plocha\css

==================== One Month Modified Files and Folders =======

2013-10-08 09:02 - 2013-10-08 09:02 - 00000000 ____D C:\FRST
2013-10-08 09:02 - 2012-02-19 18:51 - 00000000 ___HD C:\Documents and Settings\kory\Local Settings\Data aplikací
2013-10-08 09:02 - 2012-02-19 18:51 - 00000000 ____D C:\Documents and Settings\kory\Plocha
2013-10-08 09:01 - 2013-10-08 09:01 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\kory\Plocha\FRSTLauncher.exe
2013-10-08 08:59 - 2013-10-08 08:59 - 01087213 _____ (Farbar) C:\Documents and Settings\kory\Plocha\FRST.exe
2013-10-08 08:56 - 2013-10-08 08:56 - 00001525 _____ C:\Documents and Settings\All Users\Plocha\mkvmerge GUI.lnk
2013-10-08 08:56 - 2013-10-08 08:56 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\MKVToolNix
2013-10-08 08:56 - 2012-03-05 18:30 - 00000000 ____D C:\Program Files\MKVtoolnix
2013-10-08 08:56 - 2012-02-19 19:35 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-10-08 08:56 - 2012-02-19 19:35 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-10-08 08:44 - 2013-10-08 08:44 - 00000821 _____ C:\Documents and Settings\kory\Plocha\tsMuxerGUI.lnk
2013-10-08 08:43 - 2012-02-24 06:52 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\ÚPRAVA HD
2013-10-08 08:43 - 2012-02-19 18:51 - 00000000 __RHD C:\Documents and Settings\kory\Dokumenty
2013-10-08 08:35 - 2013-10-08 08:35 - 02806952 _____ C:\Documents and Settings\kory\Dokumenty\tsMuxeR_1.12.14b.zip
2013-10-08 08:10 - 2012-10-29 09:39 - 00002698 _____ C:\Documents and Settings\kory\Dokumenty\ytd.xml
2013-10-08 08:10 - 2012-02-23 11:19 - 00000000 ____D C:\Documents and Settings\kory\Data aplikací\CyberLink
2013-10-08 07:56 - 2013-10-08 07:54 - 112060463 _____ C:\Documents and Settings\kory\Dokumenty\Aplikace Nokia Pro Cam - Stereo video pro Lumia 820, Lumia 920 ....mp4
2013-10-08 07:52 - 2013-08-05 16:49 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\Lumia Amber
2013-10-08 06:48 - 2012-07-11 14:29 - 00000316 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-10-08 06:39 - 2013-10-08 06:39 - 00000000 ___HD C:\WINDOWS\PIF
2013-10-08 06:20 - 2012-02-24 17:34 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-08 06:20 - 2012-02-24 17:34 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-10-08 06:20 - 2012-02-19 18:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-08 06:20 - 2001-10-25 18:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-07 23:53 - 2013-10-07 23:53 - 00000841 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-07 23:53 - 2012-05-22 11:10 - 00032186 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-07 23:53 - 2012-02-19 18:51 - 00000178 ___SH C:\Documents and Settings\kory\ntuser.ini
2013-10-07 23:02 - 2013-10-04 07:43 - 00000000 ____D C:\rsit
2013-10-07 23:02 - 2013-10-04 07:43 - 00000000 ____D C:\Program Files\trend micro
2013-10-07 22:50 - 2012-02-19 18:51 - 00000000 ____D C:\Documents and Settings\kory
2013-10-07 22:45 - 2012-02-19 18:51 - 00000000 ___HD C:\Documents and Settings\kory\Data aplikací
2013-10-07 22:39 - 2012-02-19 19:35 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-10-07 22:12 - 2012-02-20 17:31 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2013-10-07 22:12 - 2012-02-20 17:31 - 00000000 ____D C:\Program Files\CCleaner
2013-10-07 22:11 - 2013-10-07 22:11 - 04369632 _____ (Piriform Ltd) C:\Documents and Settings\kory\Dokumenty\ccsetup406.exe
2013-10-07 22:06 - 2012-02-19 19:34 - 02003640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-07 22:02 - 2012-02-19 18:52 - 00087008 _____ C:\Documents and Settings\kory\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2013-10-07 20:59 - 2012-03-08 13:06 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-10-07 20:59 - 2012-03-08 13:04 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-10-07 20:59 - 2012-02-19 19:36 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-06 17:02 - 2012-03-08 13:07 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-10-04 13:34 - 2013-10-02 16:07 - 00000130 _____ C:\WINDOWS\pink
2013-10-04 07:43 - 2013-10-04 07:43 - 00781909 _____ C:\Documents and Settings\kory\Plocha\RSIT.exe
2013-10-03 09:02 - 2012-02-19 21:51 - 00000000 ____D C:\Documents and Settings\kory\Data aplikací\AIMP
2013-10-03 08:37 - 2013-10-03 08:37 - 01278372 _____ C:\Documents and Settings\kory\Plocha\Track 2013-08-17 10_32.gpx
2013-10-02 16:08 - 2013-10-02 16:07 - 00000000 ____D C:\Documents and Settings\kory\Plocha\rytir hra
2013-10-02 16:07 - 2013-10-02 16:07 - 05846158 _____ C:\Documents and Settings\kory\Plocha\wf.zip
2013-09-30 19:08 - 2013-09-30 17:54 - 682168321 _____ C:\Documents and Settings\kory\Dokumenty\Ucastnici-zajezdu.avi
2013-09-30 16:30 - 2012-03-12 07:19 - 00000000 ____D C:\Documents and Settings\kory\Data aplikací\uTorrent
2013-09-30 11:17 - 2013-04-10 13:18 - 1051591300 _____ C:\Documents and Settings\kory\Dokumenty\Opl.rar
2013-09-30 09:58 - 2013-09-30 09:58 - 00000000 ____D C:\Documents and Settings\kory\Local Settings\Data aplikací\Cyberlink SoftDMA
2013-09-30 09:58 - 2013-09-30 09:58 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\CyberLink
2013-09-30 09:58 - 2012-02-23 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\CyberLink
2013-09-30 09:56 - 2013-09-30 09:56 - 00001808 _____ C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD 13.lnk
2013-09-30 09:56 - 2013-09-30 09:56 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\MediaServer
2013-09-30 09:56 - 2013-09-30 09:56 - 00000000 ____D C:\Documents and Settings\kory\CyberLink
2013-09-30 09:56 - 2013-09-30 09:56 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CyberLink PowerDVD 13
2013-09-30 09:56 - 2012-02-23 11:47 - 00000000 ____D C:\Documents and Settings\kory\Local Settings\Data aplikací\Cyberlink
2013-09-30 09:56 - 2012-02-23 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\PDVD
2013-09-30 09:56 - 2012-02-23 11:16 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\install_clap
2013-09-30 09:56 - 2012-02-19 18:50 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Data aplikací
2013-09-30 09:54 - 2013-09-30 09:54 - 00000000 ____D C:\Program Files\CyberLink
2013-09-30 09:54 - 2012-02-19 19:17 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-30 09:31 - 2013-09-28 22:45 - 09743083 _____ (Moritz Bunkus) C:\Documents and Settings\kory\Dokumenty\mkvtoolnix-unicode-6.4.1-setup.exe
2013-09-28 07:41 - 2013-09-28 07:41 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\045662
2013-09-24 06:04 - 2013-09-24 06:04 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\Nabijecka_ze_zdroje_PC
2013-09-24 05:57 - 2013-09-24 05:51 - 118697383 _____ C:\Documents and Settings\kory\Dokumenty\Kniha-Inteligentní-nabíječky.rar
2013-09-19 18:48 - 2012-02-19 18:47 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2013-09-14 17:07 - 2012-03-08 17:25 - 00000349 _____ C:\WINDOWS\system32\lsprst7.tgz
2013-09-14 17:07 - 2012-03-08 17:25 - 00000335 _____ C:\WINDOWS\system32\lsprst7.dll
2013-09-14 17:07 - 2012-03-08 17:25 - 00000087 _____ C:\WINDOWS\system32\ssprs.tgz
2013-09-14 17:07 - 2012-03-08 17:25 - 00000073 _____ C:\WINDOWS\system32\ssprs.dll
2013-09-11 08:49 - 2012-02-19 22:00 - 00000000 ____D C:\Program Files\PhotoFiltre Studio X
2013-09-11 07:06 - 2013-09-11 07:06 - 00042348 _____ C:\Documents and Settings\kory\Dokumenty\kyo126.xps
2013-09-11 06:48 - 2013-09-11 06:48 - 11611134 _____ C:\Documents and Settings\kory\Dokumenty\onkyo.bmp
2013-09-11 05:56 - 2013-04-29 09:11 - 00002485 _____ C:\Documents and Settings\All Users\Plocha\ABBYY FineReader 11.lnk
2013-09-10 00:26 - 2013-09-10 00:25 - 00000000 ____D C:\Documents and Settings\kory\Dokumenty\FLASH
2013-09-08 16:39 - 2013-09-08 16:39 - 00001460 _____ C:\Documents and Settings\All Users\Plocha\Counter-Strike Source.lnk
2013-09-08 16:39 - 2013-09-08 16:39 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Counter-Strike Source
2013-09-08 16:39 - 2013-09-08 16:24 - 00000000 ____D C:\Documents and Settings\kory\Plocha\css

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-04-14 10:52] - [2008-04-14 10:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2008-04-14 10:52] - [2008-04-14 10:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2008-04-14 10:52] - [2008-04-14 10:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2008-04-14 10:52] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2008-04-14 10:52] - [2008-04-14 10:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2008-04-14 10:52] - [2008-04-14 10:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 09:42] - [2008-04-14 09:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:232.88 GB) (Free:30.11 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Místní disk) (Fixed) (Total:232.88 GB) (Free:1.31 GB) NTFS
Drive n: (Místní disk) (Fixed) (Total:465.76 GB) (Free:23.06 GB) NTFS

Available physical RAM: 2402.06 MB
Total physical RAM: 3199.17 MB
Percentage of memory in use: 24%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 233 GB) (Disk ID: 0FD80FD7)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: ABFF3AF6)
Partition 1: (Not Active) - (Size=466 GB) - (Type=42)
Disk: 2 (Size: 233 GB) (Disk ID: 87F587F5)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:3440EB47
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:66633281

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\kory\Plocha" je 1455 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge
"C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files\PowerISO\PWRISOVM.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Ralink Wireless Utility.lnk
C:\PROGRA~1\TP-LINK\TP-LIN~1\TWCU.exe -nogui [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^TotalMedia Server.lnk


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^TP-LINK Wireless Configuration Utility.lnk


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kory^Nabdka Start^Programy^Po sputn^Vezy obrazovky a sputn aplikace OneNote 2010.lnk



HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
Microsoft SharePoint Workspace Audit Service REG_DWORD 0x3
osppsvc REG_DWORD 0x3
ose REG_DWORD 0x3
JavaQuickStarterService REG_DWORD 0x2
FlowFinder3MonstersOFX32 REG_DWORD 0x2
Transbase REG_DWORD 0x3
ACS REG_DWORD 0x3

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13.exe:*:Enabled:CyberLink PowerDVD13"
"C:\\Program Files\\CyberLink\\PowerDVD13\\Kernel\\DMS\\CLMSServerPDVD13.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\Kernel\\DMS\\CLMSServerPDVD13.exe:*:Enabled:CyberLink PowerDVD 13 Media Server Service"
"C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13Agent.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13Agent.exe:*:Enabled:CyberLink PowerDVD13 Agent"
"C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13ML.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13ML.exe:*:Enabled:CyberLink PowerDVD13 Moovie Live"
"C:\\Program Files\\CyberLink\\PowerDVD13\\Movie\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\Movie\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD13 Movie Module"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Opera\\opera.exe"="C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Documents and Settings\\kory\\Local Settings\\Temp\\7zS7340\\HPDiagnosticCoreUI.exe"="C:\\Documents and Settings\\kory\\Local Settings\\Temp\\7zS7340\\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"
"C:\\Documents and Settings\\kory\\Local Settings\\Temp\\7zS1389\\HPDiagnosticCoreUI.exe"="C:\\Documents and Settings\\kory\\Local Settings\\Temp\\7zS1389\\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Program Files\\theHunter\\launcher\\launcher.exe"="C:\\Program Files\\theHunter\\launcher\\launcher.exe:*:Enabled:theHunter Launcher"
"C:\\Program Files\\theHunter\\game\\theHunter.exe"="C:\\Program Files\\theHunter\\game\\theHunter.exe:*:Enabled:theHunter"
"C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13.exe:*:Enabled:CyberLink PowerDVD13"
"C:\\Program Files\\CyberLink\\PowerDVD13\\Kernel\\DMS\\CLMSServerPDVD13.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\Kernel\\DMS\\CLMSServerPDVD13.exe:*:Enabled:CyberLink PowerDVD 13 Media Server Service"
"C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13Agent.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13Agent.exe:*:Enabled:CyberLink PowerDVD13 Agent"
"C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13ML.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\PowerDVD13ML.exe:*:Enabled:CyberLink PowerDVD13 Moovie Live"
"C:\\Program Files\\CyberLink\\PowerDVD13\\Movie\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD13\\Movie\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD13 Movie Module"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: SpyHunter

Napsal: 08 říj 2013 11:25
od vyosek
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKU\Default User\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\LocalService\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\UpdatusUser\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {DA9BD144-37DB-4C47-9C2E-BB9104FFE825} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
SearchScopes: HKCU - {DA9BD144-37DB-4C47-9C2E-BB9104FFE825} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}

CHR Extension: () - C:\DOCUME~1\kory\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\fbephpdejkehiohdhedkphnmphcoafdk\1

S4 ADExchange; 
S4 IntelIde; No ImagePath
S3 RT61; system32\DRIVERS\RT61.sys [x]
U1 WS2IFSL;
S2 zumbus; system32\DRIVERS\zumbus.sys [x]

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:3440EB47
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:66633281

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f

Hosts:
CMD: shutdown /r /f /t 2
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: SpyHunter

Napsal: 08 říj 2013 12:43
od kory
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by kory at 2013-10-08 13:36:20 Run:1
Running from C:\Documents and Settings\kory\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKU\Default User\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\LocalService\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\UpdatusUser\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {DA9BD144-37DB-4C47-9C2E-BB9104FFE825} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
SearchScopes: HKCU - {DA9BD144-37DB-4C47-9C2E-BB9104FFE825} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}

CHR Extension: () - C:\DOCUME~1\kory\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\fbephpdejkehiohdhedkphnmphcoafdk\1

S4 ADExchange;
S4 IntelIde; No ImagePath
S3 RT61; system32\DRIVERS\RT61.sys [x]
U1 WS2IFSL;
S2 zumbus; system32\DRIVERS\zumbus.sys [x]

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:3440EB47
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:373E1720
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:66633281

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 => Value deleted successfully.
HKU\LocalService\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 => Value deleted successfully.
HKU\UpdatusUser\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\SearchURL => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DA9BD144-37DB-4C47-9C2E-BB9104FFE825} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DA9BD144-37DB-4C47-9C2E-BB9104FFE825} => Key not found.
C:\DOCUME~1\kory\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\fbephpdejkehiohdhedkphnmphcoafdk => Moved successfully.
ADExchange => Service deleted successfully.
IntelIde => Service deleted successfully.
RT61 => Service deleted successfully.
WS2IFSL => Service deleted successfully.
zumbus => Service deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":0888F409" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":3440EB47" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":373E1720" ADS removed successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":66633281" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f =========


Operace byla dokončena úspěšně.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Re: SpyHunter

Napsal: 08 říj 2013 13:10
od vyosek
Uvodni stranka od SpyHunteru zmizela? Predpokladam ze asi ne :?:

Re: SpyHunter

Napsal: 08 říj 2013 18:34
od kory
ne nezmizela je to stejné

Re: SpyHunter

Napsal: 08 říj 2013 18:41
od vyosek
Mate instalacni CD od windows :???:

Re: SpyHunter

Napsal: 08 říj 2013 19:24
od kory
mám
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz