Please check - pop-up windows etc.

Posted: 26 Jul 2015 17:29
by roki
Hello, to start with I would like to stress that this is not my computer.
After launching a browser (Chrome, IE), various annoying pop-up windows appear, and now and then it also redirects God knows where..


Logfile of random's system information tool 1.10 (written by random/random)
Run by Store at 2015-07-26 18:26:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 92 GB (39%) free of 238 GB
Total RAM: 2013 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:27:15, on 26.07.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\IePluginServices\PluginService.exe
C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Store\Local Settings\Application Data\helper king\helper_king_notification_service.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Documents and Settings\All Users\Application Data\421e43cc-ed79-4e60-91b6-5efd8c307dd0\maintainer.exe
c:\mysql\bin\mysqld-nt.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WebSpades\updateWebSpades.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
C:\Program Files\AdFender\AdFender.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\WebSpades\bin\utilWebSpades.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WebSpades\bin\WebSpades.expext.exe
C:\Program Files\WebSpades\bin\WebSpades.BrowserAdapter.exe
C:\Program Files\WebSpades\bin\WebSpades.PurBrowse.exe
D:\FILES\SETUP\OSE.EXE
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\share\FirefoxPortable\App\firefox\firefox.exe
C:\share\RSIT.exe
C:\Program Files\trend micro\Store.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts= ... 0018900189
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?fr=hp-ddc-bd&t ... syc_bd_com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts= ... 0018900189
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts= ... 0018900189
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Documents and Settings\Store\Local Settings\Application Data\uTorrentControl_v2\prxtbuTo0.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: CrossriderApp0051390 - {11111111-1111-1111-1111-110511131190} - C:\Program Files\Torntv V9.0\Torntv V9.0-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Documents and Settings\Store\Local Settings\Application Data\uTorrentControl_v2\prxtbuTo0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: WebSpades 1.0.0.7 - {c919d8b2-11e4-43c7-a2c2-9294fd2c4106} - C:\Program Files\WebSpades\WebSpadesBHO.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Documents and Settings\Store\Local Settings\Application Data\uTorrentControl_v2\prxtbuTo0.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [TBHostSupport] "C:\WINDOWS\system32\Rundll32.exe" "C:\Documents and Settings\Store\Local Settings\Application Data\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin
O4 - HKCU\..\Run: [APISupport] "C:\WINDOWS\system32\Rundll32.exe" "C:\Documents and Settings\Store\Local Settings\Application Data\TB\APISupport\APISupport.dll",DLLRunAPISupport
O4 - HKCU\..\Run: [Yahoo! Search] C:\Program Files\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: pripoj.lnk = C:\pripoj.bat
O4 - Global Startup: AdFender.lnk = C:\Program Files\AdFender\AdFender.exe
O4 - Global Startup: PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\Documents and Settings\All Users\Application Data\IePluginServices\PluginService.exe
O23 - Service: MaintainerSvc3.62.8360938 - Unknown owner - C:\Documents and Settings\All Users\Application Data\421e43cc-ed79-4e60-91b6-5efd8c307dd0\maintainer.exe
O23 - Service: MySql - Unknown owner - c:\mysql\bin\mysqld-nt (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Update WebSpades - Unknown owner - C:\Program Files\WebSpades\updateWebSpades.exe
O23 - Service: Util WebSpades - Unknown owner - C:\Program Files\WebSpades\bin\utilWebSpades.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe

--
End of file - 11907 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Backup.job - C:\Tng_Backup\Backup.exe AUTO
C:\WINDOWS\tasks\CK_impMySQL.job - C:\Program Files\josal\CK_impMySQL\CK_impMySQL.exe
C:\WINDOWS\tasks\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-1.job - C:\Program Files\Torntv V9.0\Torntv V9.0-codedownloader.exe /tXmRNJozj /BkEysK=task /FhlATiZ='Torntv V9.0' /YBvfqcD=51390 /NtGZE='001602' /YsoJB='0' /XZBmYJtZ='0' /FpRzft=2193E077864E4AD7B1A3B2F3A06A58E6IE /RsCzSHPIj=7d0ae06250abf5ed9378be77fc01e126 /XvcAS=1_34_06_10 /XULNPzFkr=1.34.6.10 /JQMoJs=1404139221 /LpujMNl=http://stats.democlientnet.com /yrsve=http://errors.democlientnet.com /GzaKgsZ=http://cr.install-daddy.com /HuoRJHY=opera /uGImq='Torntv V9.0' /OavAy=http://cr.install-daddy.com /rCmieM /TSndPTjZ='{"asw":[0, 321, 0]}' /VryOYXuD='http://update.democlientnet.com/ie_code ... pdate.json' /BkEysK='task' /AMkAUj=''
C:\WINDOWS\tasks\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-11.job - C:\Program Files\Torntv V9.0\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-11.exe /HpIMTze=...
C:\WINDOWS\tasks\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-2.job - C:\Program Files\Torntv V9.0\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-2.exe /PQPXSC /FhlATiZ='Torntv V9.0' /YBvfqcD=51390 /NtGZE='001602' /YsoJB='0' /XZBmYJtZ='0' /FpRzft=2193E077864E4AD7B1A3B2F3A06A58E6IE /RsCzSHPIj=7d0ae06250abf5ed9378be77fc01e126 /XvcAS=1_34_06_10 /JQMoJs=1404139221 /LpujMNl=http://stats.democlientnet.com /yrsve=http://errors.democlientnet.com /gdoHLU=11111111-1111-1111-1111-110511131190 /HuoRJHY=opera /rCmieM /VryOYXuD='http://update.democlientnet.com/ie_enab ... pdate.json' /BkEysK='task' /AMkAUj=''
C:\WINDOWS\tasks\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-4.job - C:\Program Files\Torntv V9.0\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-4.exe /EUtnYs /FhlATiZ='Torntv V9.0' /LLWGQlaq='C:\Program Files\Torntv V9.0\51390.xpi' /YBvfqcD=51390 /NtGZE='001602' /YsoJB='0' /XZBmYJtZ='0' /FpRzft=2193E077864E4AD7B1A3B2F3A06A58E6IE /RsCzSHPIj=7d0ae06250abf5ed9378be77fc01e126 /XvcAS=1_34_06_10 /XULNPzFkr=1.34.6.10 /JQMoJs=1404139221 /LpujMNl=http://stats.democlientnet.com /yrsve=http://errors.democlientnet.com /EujpiMex=300 /WWIeWuqHY=5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com /RvbIiAigO=0.94 /znkMkjOqK=a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 /osBrP=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /51390.rdf /zSojPXMk='Torntv V9.0' /kcKUysOe='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /kmwbtoBq='installdaddy' /HuoRJHY=opera /TSndPTjZ='{"asw":[0, 321, 0]}' /rCmieM /mWOuLerk /WudHDDlkX /VryOYXuD='http://update.democlientnet.com/ff_agen ... pdate.json' /BkEysK='task' /AMkAUj=''
C:\WINDOWS\tasks\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-5.job - C:\Program Files\Torntv V9.0\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-5.exe /rawdata=...
C:\WINDOWS\tasks\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-6.job - C:\Program Files\Torntv V9.0\Torntv V9.0-nova.exe /rawdata=...
C:\WINDOWS\tasks\d0b6d37f-ae50-41ea-abd9-6aea8ca04343-7.job - C:\Program Files\Torntv V9.0\Torntv V9.0-nova.exe /FhlATiZ='Torntv V9.0' /YBvfqcD=51390 /NtGZE='001602' /YsoJB='0' /XZBmYJtZ='0' /FpRzft=2193E077864E4AD7B1A3B2F3A06A58E6IE /RsCzSHPIj=7d0ae06250abf5ed9378be77fc01e126 /XvcAS=1_34_06_10 /XULNPzFkr=1.34.6.10 /JQMoJs=1404139221 /LpujMNl=http://stats.democlientnet.com /yrsve=http://errors.democlientnet.com /GzaKgsZ=http://cr.install-daddy.com /HuoRJHY=opera /sbHswmaUB /uGImq=Torntv V9.0 /pHSKS='nova' /OavAy=http://cr.install-daddy.com /TSndPTjZ='{"asw":[0, 321, 0]}' /VryOYXuD='http://update.democlientnet.com/novarun ... pdate.json' /BkEysK='task' /AMkAUj=''
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\helper_king_notification_service.job - C:\Documents and Settings\Store\Local Settings\Application Data\helper king\helper_king_notification_service.exe /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='helper king' /appid='73143' /srcid='2913' /bic='0aded6e7c1d3fab7f8abcd38717a6196' /verifier='9b3d034bfe3f1f787933b1d602462136' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1428331528' /runfrom='task' /brwtype='notbg' /postponedhours='6'
C:\WINDOWS\tasks\helper_king_updating_service.job - C:\Documents and Settings\Store\Local Settings\Application Data\helper king\helper_king_updating_service.exe /campid=2913 /verid=1 /url=http://cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=helper_king_updating_service /funurl=http://stats.buildomserv.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}]
Torntv V9.0 - C:\Program Files\Torntv V9.0\Torntv V9.0-bho.dll [2014-06-30 609664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files\SupTab\SupTab.dll [2014-05-08 513648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Documents and Settings\Store\Local Settings\Application Data\uTorrentControl_v2\prxtbuTo0.dll [2014-04-10 423744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-26 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c919d8b2-11e4-43c7-a2c2-9294fd2c4106}]
WebSpades 1.0.0.7 - C:\Program Files\WebSpades\WebSpadesBHO.dll [2015-02-07 269040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Documents and Settings\Store\Local Settings\Application Data\uTorrentControl_v2\prxtbuTo0.dll [2014-04-10 423744]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-26 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-07-20 18670592]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-08-21 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-08-21 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-08-21 142872]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"WrtMon.exe"=C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe [2007-07-18 20480]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2012-05-29 115032]
"Sweetpacks Communicator"=C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-02 1987976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-11-07 39408]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-04-19 18678376]
"TBHostSupport"=C:\Documents and Settings\Store\Local Settings\Application Data\TBHostSupport\TBHostSupport_0.dll [2013-12-23 480032]
"APISupport"=C:\Documents and Settings\Store\Local Settings\Application Data\TB\APISupport\APISupport.dll [2015-07-07 1045312]
"Yahoo! Search"=C:\Program Files\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [2015-04-03 644352]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
AdFender.lnk - C:\Program Files\AdFender\AdFender.exe
PHOTOfunSTUDIO HD Edition.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

C:\Documents and Settings\Store\Start Menu\Programs\Startup
pripoj.lnk - C:\pripoj.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\SupTab\SEARCH~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-08-14 206848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\FIFA 12\Game\fifa.exe"="C:\Program Files\FIFA 12\Game\fifa.exe:*:Disabled:FIFA 12"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TornTV.com\TornTV Downloader.exe"="C:\Program Files\TornTV.com\TornTV Downloader.exe:*:Disabled:TorntvDownloader"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-07-26 18:26:12 ----D---- C:\Program Files\trend micro
2015-07-26 18:26:11 ----D---- C:\rsit
2015-07-26 18:23:11 ----D---- C:\share
2015-07-26 17:53:18 ----D---- C:\Program Files\Speccy
2015-07-26 17:52:59 ----A---- C:\spsetup128.exe
2015-07-26 17:49:31 ----A---- C:\SysSpec.exe

======List of files/folders modified in the last 1 month======

2015-07-26 18:26:12 ----RD---- C:\Program Files
2015-07-26 18:19:53 ----D---- C:\WINDOWS\Temp
2015-07-26 18:19:05 ----D---- C:\WINDOWS\system32
2015-07-26 18:19:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-26 18:17:45 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-26 18:17:14 ----D---- C:\WINDOWS\system
2015-07-26 18:17:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-07-26 18:16:55 ----A---- C:\WINDOWS\win.ini
2015-07-26 18:16:54 ----D---- C:\Program Files\WebSpades
2015-07-26 18:16:43 ----SHD---- C:\WINDOWS\Installer
2015-07-26 18:16:39 ----D---- C:\WINDOWS\Prefetch
2015-07-26 18:15:25 ----D---- C:\Documents and Settings\Store\Application Data\Skype
2015-07-26 18:12:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-26 17:43:55 ----SD---- C:\WINDOWS\Tasks
2015-07-26 17:35:11 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-26 17:02:50 ----D---- C:\Documents and Settings\Store\Application Data\uTorrent
2015-07-26 17:00:24 ----D---- C:\ARCHIV
2015-07-26 17:00:24 ----AD---- C:\Tng_Backup
2015-07-26 16:57:29 ----D---- C:\Documents and Settings\Store\Application Data\PriceGong
2015-07-26 16:51:42 ----D---- C:\Program Files\Common Files
2015-07-26 16:49:55 ----D---- C:\Documents and Settings\All Users\Application Data\421e43cc-ed79-4e60-91b6-5efd8c307dd0
2015-07-12 21:50:58 ----D---- C:\Program Files\Opera
2015-07-12 21:50:50 ----D---- C:\Documents and Settings\Store\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}t;{2635ac50-5488-40bf-9bfd-accb158f8f3f}t; C:\WINDOWS\system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}t.sys [2014-06-26 55232]
R1 {491d7eff-4c48-4a10-82e4-166521125466}t;{491d7eff-4c48-4a10-82e4-166521125466}t; C:\WINDOWS\system32\drivers\{491d7eff-4c48-4a10-82e4-166521125466}t.sys [2014-11-30 55872]
R1 {ed7eb956-75ed-460d-8f69-29a93b07afd1}t;{ed7eb956-75ed-460d-8f69-29a93b07afd1}t; C:\WINDOWS\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}t.sys [2014-07-14 55232]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-10-24 242240]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2012-10-24 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-08-14 6317216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-20 5795328]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-29 142592]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-17 23808]
S3 FXDrv32;FXDrv32; \??\D:\FXDrv32.sys []
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-14 20352]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 IePluginServices;IePlugin Services; C:\Documents and Settings\All Users\Application Data\IePluginServices\PluginService.exe [2014-05-08 704112]
R2 MaintainerSvc3.62.8360938;MaintainerSvc3.62.8360938; C:\Documents and Settings\All Users\Application Data\421e43cc-ed79-4e60-91b6-5efd8c307dd0\maintainer.exe [2015-07-26 128240]
R2 MySql;MySql; c:\mysql\bin\mysqld-nt []
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-02-03 66872]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Update WebSpades;Update WebSpades; C:\Program Files\WebSpades\updateWebSpades.exe [2015-07-26 474352]
R2 Util WebSpades;Util WebSpades; C:\Program Files\WebSpades\bin\utilWebSpades.exe [2015-07-26 474352]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect\ProtectWindowsManager.exe [2014-12-24 472064]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-06-30 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-02 107912]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-02 1373576]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-26 268976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-06-30 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-02 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

-----------------EOF-----------------

Re: Request for a check - pop-up windows and the like

Posted: 26 Jul 2015 17:38
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Request for a check - pop-up windows and the like

Posted: 26 Jul 2015 17:45
by roki
# AdwCleaner v4.208 - Logfile created 26/07/2015 at 18:41:59
# Updated 09/07/2015 by Xplode
# Database : 2015-07-26.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Store - PRIVIN001
# Running from : C:\Documents and Settings\Store\Desktop\adwcleaner_4.208.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : IePluginServices
[#] Service Deleted : PanService
[#] Service Deleted : WindowsMangerProtect
[#] Service Deleted : Update WebSpades
[#] Service Deleted : Util WebSpades
[#] Service Deleted : {2635ac50-5488-40bf-9bfd-accb158f8f3f}t
[#] Service Deleted : {491d7eff-4c48-4a10-82e4-166521125466}t
[#] Service Deleted : {ed7eb956-75ed-460d-8f69-29a93b07afd1}t
[#] Service Deleted : MaintainerSvc3.62.8360938

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\IBUpdaterService
Folder Deleted : C:\Documents and Settings\All Users\Application Data\IePluginServices
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SweetIM
Folder Deleted : C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\pay-by-ads
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\Torntv V9.0
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Program Files\WebSpades
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\PANDORA.TV
Folder Deleted : C:\Program Files\uTorrentControl_v2
Folder Deleted : C:\WINDOWS\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Folder Deleted : C:\WINDOWS\system32\WNLT
Folder Deleted : C:\DOCUME~1\Store\LOCALS~1\Temp\WebSpades
Folder Deleted : C:\DOCUME~1\Store\LOCALS~1\Temp\uTorrentControl_v2
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\globalUpdate
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\NativeMessaging
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\TBHostSupport
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Torntv V9.0
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\WhiteListing
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\TB\APISupport
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\helper king
Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\uTorrentControl_v2
Folder Deleted : C:\Documents and Settings\Store\Application Data\pay-by-ads
Folder Deleted : C:\Documents and Settings\Store\Application Data\PerformerSoft
Folder Deleted : C:\Documents and Settings\Store\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Store\Application Data\SupTab
Folder Deleted : C:\Documents and Settings\Store\Application Data\WinZipper
Folder Deleted : C:\Documents and Settings\Store\Start Menu\Programs\TornTV.com
[!] Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
[!] Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
[!] Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
[!] Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\becofaobcinoilkmebdbeojebncfepbl
[!] Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
[!] Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx
[!] Folder Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\didlppefmhmoiaeemeffjchbieeghlan
Folder Deleted : C:\Documents and Settings\Store\Application Data\Opera Software\Opera Stable\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
Folder Deleted : C:\Documents and Settings\Store\Application Data\Opera Software\Opera Stable\Extensions\becofaobcinoilkmebdbeojebncfepbl
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\ejpbbhjlbipncjklfjjaedaieimbmdda
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_becofaobcinoilkmebdbeojebncfepbl_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_becofaobcinoilkmebdbeojebncfepbl_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\becofaobcinoilkmebdbeojebncfepbl
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_noajmlkipclmeolfcnflkjhijkigpfjh_0.localstorage
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\WINDOWS\system32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{491d7eff-4c48-4a10-82e4-166521125466}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}t.sys
File Deleted : C:\Documents and Settings\Store\Desktop\Search The Web.url
File Deleted : C:\Documents and Settings\Store\Desktop\sweetpcfix.url
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.omiga-plus.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.omiga-plus.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.vaccint.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_youtube.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxps_youtube.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_adblock-plus-chrome.en.softonic.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_adblock-plus-chrome.en.softonic.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_opera.en.softonic.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_opera.en.softonic.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_q.search-simple.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_q.search-simple.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_rts.dsrlte.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_rts.dsrlte.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.omiga-plus.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.omiga-plus.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_start.omiga-plus.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_start.omiga-plus.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.babylon.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.babylon.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_youtube.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_youtube.conduitapps.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : helper_king_updating_service
Task Deleted : helper_king_notification_service
Task Deleted : d0b6d37f-ae50-41ea-abd9-6aea8ca04343-1
Task Deleted : d0b6d37f-ae50-41ea-abd9-6aea8ca04343-11
Task Deleted : d0b6d37f-ae50-41ea-abd9-6aea8ca04343-2
Task Deleted : d0b6d37f-ae50-41ea-abd9-6aea8ca04343-4
Task Deleted : d0b6d37f-ae50-41ea-abd9-6aea8ca04343-5
Task Deleted : d0b6d37f-ae50-41ea-abd9-6aea8ca04343-6
Task Deleted : d0b6d37f-ae50-41ea-abd9-6aea8ca04343-7

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\Store\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Documents and Settings\Store\Start Menu\Programs\Accessories\System Tools\Internet Explorer (bez doplnkov).lnk
Shortcut Disinfected : C:\Documents and Settings\Store\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\Store\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [APISupport]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [TBHostSupport]
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update WebSpades
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util WebSpades
Key Deleted : HKLM\SOFTWARE\F60061BF-F02E-4433-9EEC-EF78DE3975DD
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c919d8b2-11e4-43c7-a2c2-9294fd2c4106}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c919d8b2-11e4-43c7-a2c2-9294fd2c4106}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c919d8b2-11e4-43c7-a2c2-9294fd2c4106}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F438E47B-9117-406D-A5B4-189BCD9B612A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2032D17F-7808-43C5-AAE0-B0837BF7C527}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{265af946-7157-4f6d-bd9a-3093a1f0296b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33b51b04-93f2-41e6-a56a-9e9db1f8998f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e2ea73de-f2d1-4918-a94a-cf9576398cb9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1562865E-D535-4CBE-8884-B538C5CC0BF9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DBF81336-8CFF-4D32-A944-D1D55DEED597}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\WebSpades
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\Torntv V9.0
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\WebSpades
Key Deleted : HKLM\SOFTWARE\Wpm
Key Deleted : HKLM\SOFTWARE\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Torntv V9.0
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebSpades
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torntv V9.0
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WebSpades
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Torntv V9.0
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SupTab\SEARCH~1.DLL

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Google Chrome v44.0.2403.107

[C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1437927297&from=ild&uid=WDCXWD2500AAKS-61L9A0_WD-WCAV2M80018900189&q={searchTerms}
[C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - Deleted [Homepage] : hxxp://isearch.omiga-plus.com/?type=hppp&ts=1437927297&from=ild&uid=WDCXWD2500AAKS-61L9A0_WD-WCAV2M80018900189
[C:\Documents and Settings\Store\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - Deleted [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hppp&ts=1437927297&from=ild&uid=WDCXWD2500AAKS-61L9A0_WD-WCAV2M80018900189

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [49267 bytes] - [26/07/2015 18:40:59]
AdwCleaner[S0].txt - [46743 bytes] - [26/07/2015 18:41:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [46803 bytes] ##########

Re: Please check - pop-up windows and the like

Posted: 26 Jul 2015 17:47
by Rudy
Post a new RSIT log.

Re: Please check - pop-up windows and the like

Posted: 26 Jul 2015 17:52
by roki
Logfile of random's system information tool 1.10 (written by random/random)
Run by Store at 2015-07-26 18:52:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 92 GB (38%) free of 238 GB
Total RAM: 2013 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:52:32, on 26.07.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\WINDOWS\system32\bgsvcgen.exe
c:\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\share\FirefoxPortable\FirefoxPortable.exe
C:\share\FirefoxPortable\App\firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\share\RSIT.exe
C:\Program Files\trend micro\Store.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?fr=hp-ddc-bd&t ... syc_bd_com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Yahoo! Search] C:\Program Files\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: pripoj.lnk = C:\pripoj.bat
O4 - Global Startup: AdFender.lnk = C:\Program Files\AdFender\AdFender.exe
O4 - Global Startup: PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MySql - Unknown owner - c:\mysql\bin\mysqld-nt (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5945 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Backup.job - C:\Tng_Backup\Backup.exe AUTO
C:\WINDOWS\tasks\CK_impMySQL.job - C:\Program Files\josal\CK_impMySQL\CK_impMySQL.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-26 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-26 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-07-20 18670592]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-08-21 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-08-21 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-08-21 142872]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"WrtMon.exe"=C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe [2007-07-18 20480]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-02 1987976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-11-07 39408]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-04-19 18678376]
"Yahoo! Search"=C:\Program Files\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
AdFender.lnk - C:\Program Files\AdFender\AdFender.exe
PHOTOfunSTUDIO HD Edition.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

C:\Documents and Settings\Store\Start Menu\Programs\Startup
pripoj.lnk - C:\pripoj.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-08-14 206848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\FIFA 12\Game\fifa.exe"="C:\Program Files\FIFA 12\Game\fifa.exe:*:Disabled:FIFA 12"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TornTV.com\TornTV Downloader.exe"="C:\Program Files\TornTV.com\TornTV Downloader.exe:*:Disabled:TorntvDownloader"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-07-26 18:40:57 ----D---- C:\AdwCleaner
2015-07-26 18:26:12 ----D---- C:\Program Files\trend micro
2015-07-26 18:26:11 ----D---- C:\rsit
2015-07-26 18:23:11 ----D---- C:\share
2015-07-26 17:53:18 ----D---- C:\Program Files\Speccy
2015-07-26 17:52:59 ----A---- C:\spsetup128.exe
2015-07-26 17:49:31 ----A---- C:\SysSpec.exe

======List of files/folders modified in the last 1 month======

2015-07-26 18:48:32 ----D---- C:\WINDOWS\system32
2015-07-26 18:48:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-26 18:45:29 ----D---- C:\Documents and Settings\Store\Application Data\Skype
2015-07-26 18:44:52 ----SHD---- C:\WINDOWS\Installer
2015-07-26 18:44:52 ----D---- C:\WINDOWS\Temp
2015-07-26 18:44:24 ----D---- C:\Documents and Settings\Store\Application Data\Mozilla
2015-07-26 18:43:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-26 18:42:49 ----SD---- C:\WINDOWS\Tasks
2015-07-26 18:42:48 ----D---- C:\WINDOWS\system32\drivers
2015-07-26 18:42:24 ----RD---- C:\Program Files
2015-07-26 18:35:04 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-26 18:17:45 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-26 18:17:14 ----D---- C:\WINDOWS\system
2015-07-26 18:17:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-07-26 18:16:55 ----A---- C:\WINDOWS\win.ini
2015-07-26 18:16:39 ----D---- C:\WINDOWS\Prefetch
2015-07-26 17:02:50 ----D---- C:\Documents and Settings\Store\Application Data\uTorrent
2015-07-26 17:00:24 ----D---- C:\ARCHIV
2015-07-26 17:00:24 ----AD---- C:\Tng_Backup
2015-07-26 16:51:42 ----D---- C:\Program Files\Common Files
2015-07-26 16:49:55 ----D---- C:\Documents and Settings\All Users\Application Data\421e43cc-ed79-4e60-91b6-5efd8c307dd0
2015-07-12 21:50:58 ----D---- C:\Program Files\Opera
2015-07-12 21:50:50 ----D---- C:\Documents and Settings\Store\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-10-24 242240]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2012-10-24 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-08-14 6317216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-20 5795328]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-29 142592]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-17 23808]
S3 FXDrv32;FXDrv32; \??\D:\FXDrv32.sys []
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-14 20352]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 MySql;MySql; c:\mysql\bin\mysqld-nt []
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-02-03 66872]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-02 107912]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-02 1373576]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-26 268976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-02 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

-----------------EOF-----------------

Re: Request for a check - pop-up windows etc.

Posted: 26 Jul 2015 19:14
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\Program Files\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
C:\Program Files\Pay-By-Ads
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"Yahoo! Search"=-


:services
FXDrv32

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Request for a check - pop-up windows etc.

Posted: 27 Jul 2015 09:42
by roki
Logfile of random's system information tool 1.10 (written by random/random)
Run by Store at 2015-07-27 10:42:38
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 95 GB (40%) free of 238 GB
Total RAM: 2013 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:42:41, on 27.07.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
c:\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\DOCUME~1\Store\LOCALS~1\Temp\ham6.tmp
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\share\FirefoxPortable\FirefoxPortable.exe
C:\share\FirefoxPortable\App\firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\share\RSIT.exe
C:\Program Files\trend micro\Store.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?fr=hp-ddc-bd&t ... syc_bd_com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: pripoj.lnk = C:\pripoj.bat
O4 - Global Startup: AdFender.lnk = C:\Program Files\AdFender\AdFender.exe
O4 - Global Startup: PHOTOfunSTUDIO HD Edition.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MySql - Unknown owner - c:\mysql\bin\mysqld-nt (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5752 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Backup.job - C:\Tng_Backup\Backup.exe AUTO
C:\WINDOWS\tasks\CK_impMySQL.job - C:\Program Files\josal\CK_impMySQL\CK_impMySQL.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-07-20 18670592]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-08-21 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-08-21 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-08-21 142872]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"WrtMon.exe"=C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe [2007-07-18 20480]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-02 1987976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-04-19 18678376]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
AdFender.lnk - C:\Program Files\AdFender\AdFender.exe
PHOTOfunSTUDIO HD Edition.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

C:\Documents and Settings\Store\Start Menu\Programs\Startup
pripoj.lnk - C:\pripoj.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-08-14 206848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\FIFA 12\Game\fifa.exe"="C:\Program Files\FIFA 12\Game\fifa.exe:*:Disabled:FIFA 12"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TornTV.com\TornTV Downloader.exe"="C:\Program Files\TornTV.com\TornTV Downloader.exe:*:Disabled:TorntvDownloader"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-07-27 10:36:27 ----D---- C:\_OTM
2015-07-26 18:40:57 ----D---- C:\AdwCleaner
2015-07-26 18:26:12 ----D---- C:\Program Files\trend micro
2015-07-26 18:26:11 ----D---- C:\rsit
2015-07-26 18:23:11 ----D---- C:\share
2015-07-26 17:53:18 ----D---- C:\Program Files\Speccy
2015-07-26 17:52:59 ----A---- C:\spsetup128.exe
2015-07-26 17:49:31 ----A---- C:\SysSpec.exe

======List of files/folders modified in the last 1 month======

2015-07-27 10:41:59 ----D---- C:\Documents and Settings\Store\Application Data\Mozilla
2015-07-27 10:41:43 ----D---- C:\Documents and Settings\Store\Application Data\Skype
2015-07-27 10:41:17 ----SHD---- C:\WINDOWS\Installer
2015-07-27 10:41:17 ----D---- C:\WINDOWS\Temp
2015-07-27 10:39:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-07-27 10:39:38 ----D---- C:\WINDOWS\system32
2015-07-27 10:39:38 ----D---- C:\WINDOWS
2015-07-27 10:37:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-27 10:36:27 ----SD---- C:\WINDOWS\Tasks
2015-07-27 10:36:27 ----D---- C:\Program Files\Google
2015-07-27 10:33:41 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-26 18:42:48 ----D---- C:\WINDOWS\system32\drivers
2015-07-26 18:42:24 ----RD---- C:\Program Files
2015-07-26 18:35:04 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-26 18:17:14 ----D---- C:\WINDOWS\system
2015-07-26 18:17:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-07-26 18:16:55 ----A---- C:\WINDOWS\win.ini
2015-07-26 18:16:39 ----D---- C:\WINDOWS\Prefetch
2015-07-26 17:02:50 ----D---- C:\Documents and Settings\Store\Application Data\uTorrent
2015-07-26 17:00:24 ----D---- C:\ARCHIV
2015-07-26 17:00:24 ----AD---- C:\Tng_Backup
2015-07-26 16:51:42 ----D---- C:\Program Files\Common Files
2015-07-26 16:49:55 ----D---- C:\Documents and Settings\All Users\Application Data\421e43cc-ed79-4e60-91b6-5efd8c307dd0
2015-07-12 21:50:58 ----D---- C:\Program Files\Opera
2015-07-12 21:50:50 ----D---- C:\Documents and Settings\Store\Application Data\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-10-24 242240]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2012-10-24 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-08-14 6317216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-20 5795328]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-29 142592]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-17 23808]
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-14 20352]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-02 1373576]
R2 MySql;MySql; c:\mysql\bin\mysqld-nt []
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-02-03 66872]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-02 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-26 268976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-02 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-18 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

-----------------EOF-----------------

Re: Request for a check - pop-up windows etc.

Posted: 27 Jul 2015 16:00
by Rudy
Double-click the file C:\Program Files\trend micro\Store.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Re: Request for a check - pop-up windows etc.

Posted: 27 Jul 2015 17:19
by roki
All done, captain.
Anything else? The pop-up windows have disappeared and I don't see any other problems. It looks OK. :)

By the way, a .bat file with the following content runs at startup:

if exist c:\windows\system32\mprintui.dll copy c:\windows\system32\_print\printui.dll c:\windows\system32\printui.dll
if exist c:\windows\system32\mprintui.dll del c:\windows\system32\mprintui.dll
if not exist r:\pcr\ini.pcr net use r: \\pcr_ft_2132\c-drive
rem if not exist s:\pcr\ini.pcr net use s: \\pcr_ft_2131\c-drive

It has apparently been there since 2011, but I really don't know what its purpose is, or whether it could still be relevant.

Re: Request for a check - pop-up windows etc.

Posted: 27 Jul 2015 17:24
by Rudy
I don't think so. Try changing the extension of that batch file and check whether the PC works normally. If it does, delete it.

Re: Request for a check - pop-up windows etc.

Posted: 27 Jul 2015 17:28
by roki
OK, thanks a lot for the help :thumbsup:
You have a contribution from me.

Re: Request for a check - pop-up windows etc.

Posted: 27 Jul 2015 17:29
by Rudy
Thank you for the support, and you're welcome! :)