VIRY.CZ

Dobrý den. Nejde mi naistalovat žádný antivirus skoušel jsem Avast, Eset NoD 32, AVG.
Zde přikládám log z AdwCleaner:
# AdwCleaner v3.023 - Report created 07/04/2014 at 13:39:18
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : GhostFaceKilla - GHOSTFACE
# Running from : C:\Documents and Settings\GhostFaceKilla\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Documents and Settings\GhostFaceKilla\Local Settings\Data aplikací\genienext
Folder Deleted : C:\Documents and Settings\GhostFaceKilla\Local Settings\Data aplikací\Mobogenie
Folder Deleted : C:\Documents and Settings\GhostFaceKilla\Data aplikací\newnext.me
Folder Deleted : C:\Documents and Settings\GhostFaceKilla\Nabídka Start\Programy\Mobogenie

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKCU\Software\babe8364d0b44de2ea6e4bcccd70281e
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\GhostFaceKilla\Plocha\torchlight-2-cz\Torchlight 2 CZ\tl2.runic.launcher.exe]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mobogenie

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v33.0.1750.154

[ File : C:\Documents and Settings\GhostFaceKilla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2383 octets] - [07/04/2014 07:26:48]
AdwCleaner[R1].txt - [2443 octets] - [07/04/2014 13:35:52]
AdwCleaner[R2].txt - [2490 octets] - [07/04/2014 13:38:03]
AdwCleaner[S0].txt - [2467 octets] - [07/04/2014 13:39:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2527 octets] ##########

Vítám tě u nás

Stáhni zde - http://screen317.changelog.fr/SecurityCheck.exe
nebo zde - http://screen317.spywareinfoforum.org/SecurityCheck.exe
ulož na plochu a spusť - další informace v černém okně
až skončí, otevře se notepad - obsah zkopíruj do své odpovědi.
zavřením notepadu se ukončí i program.

Přidej log RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

Security Check:
Results of screen317's Security Check version 0.99.81
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
FirewallEngine
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 7 Update 51
Adobe Flash Player 12.0.0.70
Adobe Reader XI
Google Chrome 33.0.1750.146
Google Chrome 33.0.1750.154
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by GhostFaceKilla at 2014-04-07 14:45:31
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 74 GB (48%) free of 153 GB
Total RAM: 2807 MB (75% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf48baa2ba7ca2.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-02-03 401944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-04 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-04 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-07-28 19557480]
"AGEIA PhysX SysTray"=C:\Program Files\AGEIA Technologies\TrayIcon.exe [2006-09-08 339968]
"VNT"=C:\Program Files\VNT\vntldr.exe [2014-03-19 196048]
""= []
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2013-10-23 337432]
"MSStp"=C:\WINDOWS\system32\msstp.vbe [2014-01-13 1418]
"mncvsjelxSrv"=C:\WINDOWS\inf\mncvsjelx.vbe [2014-01-13 1338]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
"Windows COM Host"=C:\{$1284-9213-2940-1289$}\comhost.exe [2014-02-07 297984]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-26 3814736]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-15 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-15 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-15 131072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-01-16 717696]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-03-13 3829328]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

C:\Documents and Settings\GhostFaceKilla\Nabídka Start\Programy\Po spuštění
Google.com.url

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\GhostFaceKilla\Data aplikací\.creativeportal\jre\bin\javaw.exe"="C:\Documents and Settings\GhostFaceKilla\Data aplikací\.creativeportal\jre\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\GhostFaceKilla\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\GhostFaceKilla\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\EA Games\Battlefield Play4Free\BFP4f.exe"="C:\Program Files\EA Games\Battlefield Play4Free\BFP4f.exe:*:Enabled:BFP4f Application"
"C:\Program Files\EA Games\Battlefield 2 Demo\Bf2_w32ded.exe"="C:\Program Files\EA Games\Battlefield 2 Demo\Bf2_w32ded.exe:*:Enabled:Bf2_w32ded"
"C:\Program Files\EA Games\Battlefield Heroes\BFHeroes.exe"="C:\Program Files\EA Games\Battlefield Heroes\BFHeroes.exe:*:Enabled:Battlefield Heroes"
"C:\Program Files\Battlefield Vietnam CZ\BfVietnam.exe"="C:\Program Files\Battlefield Vietnam CZ\BfVietnam.exe:*:Enabled:BfVietnam"
"C:\Games\tf2\hl2.exe"="C:\Games\tf2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.EXE"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.EXE:*:Enabled:GRAW"
"C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\team\Team Fortress 2\hl2.exe"="C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\team\Team Fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Games\CS Source 2013\hl2.exe"="C:\Games\CS Source 2013\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\SteamApps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe"="C:\Program Files\Steam\SteamApps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe:*:Enabled:Sanctum 2"
"C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\Garrys.Mod.13.v163\Garrys.Mod.13.v163\Garry's Mod\hl2.exe"="C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\Garrys.Mod.13.v163\Garrys.Mod.13.v163\Garry's Mod\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\Garrys.Mod.v13.12.06.Fixed\Garrys.Mod.v13.12.06.Fixed\Garry's Mod\garrysmod.exe"="C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\Garrys.Mod.v13.12.06.Fixed\Garrys.Mod.v13.12.06.Fixed\Garry's Mod\garrysmod.exe:*:Enabled:garrysmod"
"C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\Garrys.Mod.v13.12.06.Fixed\Garrys.Mod.v13.12.06.Fixed\Garry's Mod\hl2.exe"="C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\Garrys.Mod.v13.12.06.Fixed\Garrys.Mod.v13.12.06.Fixed\Garry's Mod\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\vb_demo\F3.exe"="C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\vb_demo\F3.exe:*:Enabled:F3"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Documents and Settings\GhostFaceKilla\Local Settings\Temp\server.exe"="C:\Documents and Settings\GhostFaceKilla\Local Settings\Temp\server.exe:*:Enabled:server.exe"
"C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\Live For Speed 0.6 B + Unlocker\Live For Speed 0.6 B + Unlock\LFS.exe"="C:\Documents and Settings\GhostFaceKilla\Dokumenty\Downloads\Live For Speed 0.6 B + Unlocker\Live For Speed 0.6 B + Unlock\LFS.exe:*:Enabled:LFS"
"C:\Program Files\Knights Of The Temple\Templar.exe"="C:\Program Files\Knights Of The Temple\Templar.exe:*:Enabled:Templar"
"C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe"="C:\Program Files\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe:*:Enabled:Cry of Fear"
"C:\Program Files\GameforgeLive\gfl_client.exe"="C:\Program Files\GameforgeLive\gfl_client.exe:*:Enabled:Gameforge Live"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Java\jre7\bin\java.exe"="C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Boiling Point\XENUS.EXE"="C:\Program Files\Boiling Point\XENUS.EXE:*:Enabled:XENUS"
"C:\Documents and Settings\GhostFaceKilla\Plocha\Boiling Point\XENUS.EXE"="C:\Documents and Settings\GhostFaceKilla\Plocha\Boiling Point\XENUS.EXE:*:Enabled:XENUS"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe"="C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe:*:Enabled:KMPProcess"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccuac.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ComboFix.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hijackthis.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keyscrambler.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wireshark.exe]
"Debugger="nsjw.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zlclient.exe]
"Debugger="nsjw.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-04-07 14:45:31 ----D---- C:\rsit
2014-04-07 14:45:31 ----D---- C:\Program Files\trend micro
2014-04-07 14:33:05 ----D---- C:\WINDOWS\LastGood
2014-04-07 14:20:58 ----D---- C:\Program Files\ESET
2014-04-07 07:26:45 ----D---- C:\AdwCleaner
2014-04-07 07:17:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2014-04-06 19:19:01 ----D---- C:\WINDOWS\pss
2014-04-06 08:53:53 ----D---- C:\Program Files\VID_0E8F&PID_0003
2014-04-06 08:53:51 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\InstallShield
2014-04-02 19:40:08 ----H---- C:\Boot.BAK
2014-04-02 18:51:12 ----SHD---- C:\$RECYCLE.BIN
2014-04-02 18:28:31 ----RASH---- C:\BOOTSECT.BAK
2014-04-02 18:28:24 ----SHD---- C:\Boot
2014-04-01 19:51:44 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\TeamViewer
2014-04-01 19:26:26 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\SMRecorder
2014-04-01 19:25:34 ----D---- C:\Program Files\SMRecorder
2014-03-31 18:46:47 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\mctitanpokemine4
2014-03-30 10:30:29 ----D---- C:\Program Files\EA GAMES
2014-03-30 10:30:23 ----A---- C:\debugInstaller.txt
2014-03-26 16:26:04 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\runic games
2014-03-24 18:49:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\RELOADED
2014-03-23 20:51:52 ----A---- C:\WINDOWS\system32\drivers\rockusb.sys
2014-03-23 20:51:52 ----A---- C:\WINDOWS\system32\DriverCoInstaller.dll
2014-03-22 22:04:31 ----D---- C:\WINDOWS\WBEM
2014-03-22 22:03:49 ----HDC---- C:\WINDOWS\ie8
2014-03-22 21:52:12 ----D---- C:\119ad7180408a5e85a68
2014-03-22 21:31:14 ----D---- C:\Program Files\Common Files\Skype
2014-03-22 21:31:13 ----RD---- C:\Program Files\Skype
2014-03-21 15:32:11 ----A---- C:\WINDOWS\system32\drivers\lirsgt.sys
2014-03-21 15:32:11 ----A---- C:\WINDOWS\system32\drivers\atksgt.sys
2014-03-21 15:31:30 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2014-03-21 15:28:53 ----D---- C:\Program Files\Playlogic
2014-03-21 14:34:08 ----D---- C:\kunda
2014-03-20 12:57:58 ----D---- C:\Program Files\Baldur's Gate II Enhanced Edition
2014-03-18 20:25:19 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\.StarMade
2014-03-17 14:46:53 ----D---- C:\fix
2014-03-15 16:47:06 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\MCTitan172
2014-03-14 07:59:23 ----D---- C:\Program Files\LogMeIn Hamachi
2014-03-13 22:38:59 ----N---- C:\WINDOWS\system32\spmsg2.dll
2014-03-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2014-03-11 12:13:58 ----D---- C:\Program Files\JavaEmulator.com
2014-03-11 12:09:57 ----D---- C:\Program Files\Jar2Exe Wizard

======List of files/folders modified in the last 1 month======

2014-04-07 14:45:31 ----RD---- C:\Program Files
2014-04-07 14:45:30 ----A---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\msconfig.ini
2014-04-07 14:44:07 ----HD---- C:\WINDOWS\inf
2014-04-07 14:44:07 ----HD---- C:\WINDOWS\$hf_mig$
2014-04-07 14:44:07 ----D---- C:\WINDOWS
2014-04-07 14:33:04 ----D---- C:\WINDOWS\system32\CatRoot2
2014-04-07 14:11:15 ----SHD---- C:\WINDOWS\Installer
2014-04-07 14:06:07 ----D---- C:\Program Files\Common Files
2014-04-07 13:50:39 ----D---- C:\WINDOWS\Temp
2014-04-07 13:42:40 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\Skype
2014-04-07 06:44:01 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\IDM
2014-04-06 20:57:16 ----D---- C:\Program Files\The KMPlayer
2014-04-06 19:15:55 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\uTorrent
2014-04-06 19:15:55 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\DAEMON Tools Lite
2014-04-06 08:53:53 ----HD---- C:\Program Files\InstallShield Installation Information
2014-04-03 13:40:16 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\DMCache
2014-04-02 19:40:08 ----RSH---- C:\boot.ini
2014-04-02 18:03:55 ----D---- C:\WINDOWS\system32
2014-04-02 18:03:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-02 15:26:08 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\TS3Client
2014-04-02 15:05:24 ----D---- C:\Program Files\VNT
2014-04-01 19:25:45 ----D---- C:\WINDOWS\WinSxS
2014-03-31 21:05:55 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\Mc Titan FTB
2014-03-30 19:36:54 ----D---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\.minecraft
2014-03-30 19:13:26 ----SD---- C:\Documents and Settings\GhostFaceKilla\Data aplikací\Microsoft
2014-03-29 17:45:31 ----A---- C:\WINDOWS\system.ini
2014-03-26 08:14:24 ----SD---- C:\WINDOWS\Tasks
2014-03-25 22:45:55 ----D---- C:\LFS
2014-03-23 21:42:00 ----D---- C:\WINDOWS\system32\drivers
2014-03-22 22:07:40 ----D---- C:\WINDOWS\system32\cs-cz
2014-03-22 22:07:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-03-22 22:07:39 ----D---- C:\WINDOWS\Help
2014-03-22 22:07:39 ----D---- C:\Program Files\Internet Explorer
2014-03-22 22:04:40 ----D---- C:\WINDOWS\system32\config
2014-03-22 22:04:25 ----D---- C:\WINDOWS\Media
2014-03-22 21:31:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2014-03-22 09:42:47 ----D---- C:\Fraps
2014-03-21 15:32:08 ----RSD---- C:\WINDOWS\assembly
2014-03-21 15:31:55 ----D---- C:\WINDOWS\system32\DirectX
2014-03-21 15:31:44 ----D---- C:\Program Files\AGEIA Technologies
2014-03-21 15:31:43 ----D---- C:\WINDOWS\system32\ageia
2014-03-19 16:56:18 ----D---- C:\Program Files\SystemRequirementsLab
2014-03-13 23:24:31 ----D---- C:\WINDOWS\Microsoft.NET
2014-03-13 22:02:01 ----D---- C:\Program Files\Electronic Arts
2014-03-13 22:00:26 ----D---- C:\Games
2014-03-13 20:21:15 ----D---- C:\Program Files\Internet Download Manager
2014-03-13 17:27:43 ----D---- C:\Program Files\Postal2
2014-03-13 17:27:27 ----D---- C:\Program Files\Nidhogg

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-04-08 70400]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2012-12-29 24184]
R1 bdftdif;bdftdif; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdftdif.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-01-11 243128]
R1 IDMTDI;IDMTDI; C:\WINDOWS\system32\DRIVERS\idmtdi.sys [2013-11-28 121184]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-04-08 54272]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2013-10-23 114376]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2014-03-21 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2014-03-21 18048]
R2 litsgt;litsgt; C:\WINDOWS\system32\DRIVERS\litsgt.sys [2014-02-05 137344]
R2 tansgt;tansgt; C:\WINDOWS\system32\DRIVERS\tansgt.sys [2014-02-05 12032]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf.sys []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-28 6108776]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Rockusb;Driver for Rockusb Device; C:\WINDOWS\system32\DRIVERS\rockusb.sys [2011-12-08 45040]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2013-07-17 340624]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2009-07-13 34944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-02-26 1678672]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-03-04 182696]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-26 375056]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2014-01-11 76888]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-03-25 4971840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-20 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Scan po dokončení na Clean
bude provedena oprava, restartuje se - (případně restartuj) a vypadne log C:\AdwCleaner\AdwCleaner[S?].txt , jeho obsah vložíš sem

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Po spuštění do okna vlozte skript nize

  Kód: Vybrat vše

  srinfo;
  autoclean;
  emptyclsid;
  iedefaults;
  process;
  hijackthis;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Log bude zde C:\zoek-results.log

JRT log :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by GhostFaceKilla on po 07.04.2014 at 17:22:16,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 07.04.2014 at 17:26:50,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


AdwCleaner log:
# AdwCleaner v3.023 - Report created 07/04/2014 at 17:29:33
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : GhostFaceKilla - GHOSTFACE
# Running from : C:\Documents and Settings\GhostFaceKilla\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v33.0.1750.154

[ File : C:\Documents and Settings\GhostFaceKilla\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2383 octets] - [07/04/2014 07:26:48]
AdwCleaner[R1].txt - [2443 octets] - [07/04/2014 13:35:52]
AdwCleaner[R2].txt - [2490 octets] - [07/04/2014 13:38:03]
AdwCleaner[R3].txt - [1074 octets] - [07/04/2014 13:48:39]
AdwCleaner[R4].txt - [1135 octets] - [07/04/2014 17:28:16]
AdwCleaner[S0].txt - [2607 octets] - [07/04/2014 13:39:18]
AdwCleaner[S1].txt - [1057 octets] - [07/04/2014 17:29:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1117 octets] ##########


Zoek log:

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by GhostFaceKilla on po 07.04.2014 at 17:33:32,89.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Documents and Settings\GhostFaceKilla\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7.4.2014 17:36:48 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Documents and Settings\GhostFaceKilla\Local Settings\Data aplikací\VNT\vntldr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\{$1284-9213-2940-1289$}\comhost.exe
C:\Program Files\PANDORA.TV\PanService\KMPService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Documents and Settings\GhostFaceKilla\daemonprocess.txt deleted
C:\Documents and Settings\GhostFaceKilla\.android deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Package Cache deleted
C:\DOCUME~1\GHOSTF~1\NABDKA~1\Programy\Internet Download Manager deleted
"C:\DOCUME~1\ALLUSE~1\DATAAP~1\27218346293184.exe" not deleted
"C:\Program Files\Internet Download Manager\idmmkb.dll" deleted
"C:\Program Files\Internet Download Manager\IDMNetMon.dll" deleted
"C:\Program Files\Internet Download Manager\IDMShellExt.dll" deleted
"C:\Program Files\Internet Download Manager\IEMonitor.exe" deleted
"C:\Program Files\Internet Download Manager" not deleted

======== System Restore Points ========

RP69: 5.2.2014 20:13:46 - Odstraněno Nosferatu
RP70: 5.2.2014 22:48:39 - Installed Asterix and Obelix XXL2
RP71: 6.2.2014 23:38:42 - Kontrolní bod systému
RP72: 9.2.2014 8:27:48 - Installed Morrowind
RP73: 9.2.2014 8:30:03 - Installed TES Construction Set
RP74: 9.2.2014 8:30:53 - Installed Tribunal
RP75: 9.2.2014 8:32:10 - Installed Bloodmoon
RP76: 11.2.2014 1:38:55 - Kontrolní bod systému
RP77: 12.2.2014 3:31:56 - Kontrolní bod systému
RP78: 12.2.2014 19:04:23 - Installed Microsoft Office Professional Plus 2010
RP79: 12.2.2014 19:13:52 - Je nainstalován ovladač tiskárny Send To Microsoft OneNote 2010
RP80: 12.2.2014 19:20:47 - Nainstalováno: Jazyk popisů ovládacích prvků systému Microsoft Office 2010 – čeština
RP81: 13.2.2014 23:05:03 - Kontrolní bod systému
RP82: 15.2.2014 11:09:20 - Removed Morrowind
RP83: 15.2.2014 11:25:01 - Installed Morrowind
RP84: 15.2.2014 11:30:42 - Installed TES Construction Set
RP85: 15.2.2014 11:37:19 - Installed Tribunal
RP86: 15.2.2014 11:40:57 - Installed Bloodmoon
RP87: 15.2.2014 17:04:11 - Removed Morrowind
RP88: 15.2.2014 18:56:31 - Installed Morrowind
RP89: 15.2.2014 19:00:13 - Removed TES Construction Set
RP90: 15.2.2014 19:01:20 - Removed Morrowind
RP91: 15.2.2014 19:07:35 - Installed Morrowind
RP92: 15.2.2014 19:10:59 - Installed TES Construction Set
RP93: 15.2.2014 19:11:42 - Installed Tribunal
RP94: 15.2.2014 19:13:01 - Installed Bloodmoon
RP95: 16.2.2014 13:26:49 - Removed Morrowind
RP96: 16.2.2014 13:28:11 - Installed Morrowind
RP97: 16.2.2014 13:30:39 - Removed TES Construction Set
RP98: 16.2.2014 13:31:46 - Removed Morrowind
RP99: 16.2.2014 13:32:32 - Installed Morrowind
RP100: 16.2.2014 13:34:43 - Installed TES Construction Set
RP101: 16.2.2014 13:35:54 - Removed Morrowind
RP102: 16.2.2014 13:40:41 - Installed Morrowind
RP103: 16.2.2014 13:42:47 - Installed TES Construction Set
RP104: 16.2.2014 13:43:16 - Installed Tribunal
RP105: 16.2.2014 13:45:04 - Installed Bloodmoon
RP106: 16.2.2014 14:06:55 - Removed Morrowind
RP107: 16.2.2014 14:10:05 - Installed Morrowind
RP108: 16.2.2014 14:12:26 - Installed TES Construction Set
RP109: 16.2.2014 14:13:49 - Installed Tribunal
RP110: 16.2.2014 14:15:24 - Installed Bloodmoon
RP111: 17.2.2014 14:17:06 - Kontrolní bod systému
RP112: 18.2.2014 14:20:26 - Kontrolní bod systému
RP113: 19.2.2014 14:31:52 - Kontrolní bod systému
RP114: 21.2.2014 1:06:58 - Kontrolní bod systému
RP115: 22.2.2014 6:11:36 - Kontrolní bod systému
RP116: 23.2.2014 6:35:39 - Kontrolní bod systému
RP117: 24.2.2014 8:46:56 - Kontrolní bod systému
RP118: 25.2.2014 15:45:06 - Kontrolní bod systému
RP119: 27.2.2014 14:42:45 - Kontrolní bod systému
RP120: 1.3.2014 1:25:20 - Kontrolní bod systému
RP121: 2.3.2014 6:50:33 - Kontrolní bod systému
RP122: 3.3.2014 8:40:16 - Kontrolní bod systému
RP123: 4.3.2014 9:27:48 - Kontrolní bod systému
RP124: 4.3.2014 16:50:48 - Nainstalováno: Mc Titan FTB
RP125: 4.3.2014 19:44:23 - Removed Java 7 Update 51
RP126: 4.3.2014 19:45:01 - Installed Java 7 Update 51
RP127: 5.3.2014 23:54:37 - Kontrolní bod systému
RP128: 6.3.2014 11:56:25 - Installed The Floor is Jelly
RP129: 7.4.2014 17:36:48 - zoek.exe restore point

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaipkbmjkakicapiinmamgjlkaeehh - C:\Documents and Settings\All Users\Data aplikacˇ\AskPartnerNetwork\Toolbar\KMPV7\CRX\ToolbarCR.crx[]
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files\Internet Download Manager\IDMGCExt.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dl ... ar=msnhome"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dl ... ar=msnhome"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1606980848-152049171-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-1606980848-152049171-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaipkbmjkakicapiinmamgjlkaeehh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager deleted successfully

Stáhni a nainstaluj MBAM zde http://www.bleepingcomputer.com/downloa ... i-malware/
"Sken hrozeb" - výsledek mi ukaž

edit: verze 2.0 má s WinXP problém proto zvol verzi 1.75
Spustit -> na 3.záložce "Aktualizace" -> Kontrola aktualizací (možná bude provedeno automaticky)
následně na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení