Spomalený pc

[Timur]

Ahoj, moj problem je 99% vyuzitie cpu a tym padom pc seka atd. Za pomoc vopred dakujem tu je RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vlado at 2015-07-31 10:12:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (13%) free of 70 GB
Total RAM: 3071 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:13:07, on 31. 7. 2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Vlado.VLADO\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\Vlado.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shmu.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe" /m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Driver Helper Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 4456 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "shmu.sk"
prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =971163&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{C8431CD2-C25A-45F3-BEA9-A9103C31409A}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npyaxmpb.dll
QuickTimePlugin.class

C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default\extensions\
iobitascsurfingprotection@iobit.com
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{84bbe6bf-fea5-418f-9bed-2ee0d6f1fba0}

C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default\searchplugins\
askcom.xml
spamfreesearch.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-07-08 5089480]
"nwiz"=nwiz.exe /install []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe [2014-09-02 535840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Call of Duty\CoDUOMP.exe"="C:\Program Files\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"
"C:\Documents and Settings\Vlado\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\Vlado\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Call of Duty\CoDMP.exe"="C:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Documents and Settings\Vlado\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Vlado\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Real\RealUpgrade\realupgrade.exe"="C:\Program Files\Real\RealUpgrade\realupgrade.exe:*:Disabled:RealUpgrade Launcher "
"C:\Program Files\Weather Watcher\GetFile.exe"="C:\Program Files\Weather Watcher\GetFile.exe:*:Enabled:Weather Watcher Downloader"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ApexDC++\ApexDC.exe"="C:\Program Files\ApexDC++\ApexDC.exe:*:Enabled:ApexDC"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\7za.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aapt.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ActionCenterDownloader.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adb.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AUpdate.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BEHelper.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blindman.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BlueBirdInit.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Boost.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ChangeIcon.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DelMelTaskAndPower.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dl.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dpinst.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DriverBooster.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GameBooster.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gbtray.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GetFile.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Homepage.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMF.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMFBigUpgrade.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMFsrv.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMFTips.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMF_ActionCenterDownloader.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\InstStat.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IObitCommunities.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IObitDownloader.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IWsIMF.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LocalLang.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\maintenanceservice.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MakeSFX.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ManageMyMobile.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Promote.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ReProcess.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Scheduler.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDBootCD.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDCleaner.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDDelFile.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDDisableProxy.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDFiles.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDFileScanHelper.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDFSSvc.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDHelp.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDHookHelper.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDHookInst32.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDImmunize.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDInit.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDLogReport.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDOnAccess.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDPESetup.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDPEStart.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDPhoneScan.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDPRE.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDPrepPos.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDQuarantine.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDRootAlyzer.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDSBIEdit.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDScan.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDScript.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDSettings.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDShell.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDShred.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDSysRepair.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDTools.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDTray.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDUpdate.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDUpdSvc.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDWelcome.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDWSCSvc.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SendBugReport.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SendBugReportNew.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SetupHlp.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SetupSystemStart.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartDefrag.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPSetup.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd2-install-bdcore-update.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd2-translation-esx.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd2-translation-frx.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd2-translation-hux2.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd2-translation-nlx2.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd2-translation-ukx.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TaskSchedule.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ww.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WWInstaller.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xcacls.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.XFR1"=xfcodec.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-07-31 10:12:47 ----D---- C:\rsit
2015-07-31 10:12:47 ----D---- C:\Program Files\trend micro
2015-07-30 14:19:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2015-07-29 15:00:05 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\winrm
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\GroupPolicy
2015-07-29 14:59:10 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2015-07-29 14:59:06 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2015-07-29 14:58:22 ----A---- C:\WINDOWS\imsins.BAK
2015-07-29 14:56:34 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2015-07-29 13:35:42 ----D---- C:\Program Files\RAMRush
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\epfwtdir.sys
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2015-07-31 10:12:47 ----RD---- C:\Program Files
2015-07-31 10:00:53 ----D---- C:\Program Files\Call of Duty
2015-07-31 09:42:05 ----D---- C:\WINDOWS\Temp
2015-07-31 09:41:36 ----AD---- C:\WINDOWS
2015-07-31 09:40:22 ----D---- C:\WINDOWS\system32\CatRoot2
2015-07-30 14:55:56 ----SHD---- C:\WINDOWS\Installer
2015-07-30 14:55:05 ----D---- C:\Documents and Settings
2015-07-30 14:53:43 ----D---- C:\WINDOWS\system32\drivers
2015-07-30 14:52:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-07-30 14:20:19 ----HD---- C:\WINDOWS\inf
2015-07-30 14:19:08 ----D---- C:\Program Files\ESET
2015-07-30 11:05:59 ----D---- C:\Program Files\Folder Lock
2015-07-30 11:05:48 ----D---- C:\Documents and Settings\Vlado.VLADO\Data aplikací\vlc
2015-07-30 09:31:26 ----D---- C:\WINDOWS\SoftwareDistribution
2015-07-30 09:30:30 ----D---- C:\WINDOWS\system32\config
2015-07-30 09:30:29 ----D---- C:\WINDOWS\Debug
2015-07-29 15:31:47 ----D---- C:\WINDOWS\security
2015-07-29 15:24:48 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-29 15:24:46 ----D---- C:\WINDOWS\system32\Macromed
2015-07-29 15:17:40 ----SD---- C:\WINDOWS\Tasks
2015-07-29 15:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-29 15:04:37 ----RSD---- C:\WINDOWS\assembly
2015-07-29 15:00:36 ----D---- C:\WINDOWS\Help
2015-07-29 15:00:34 ----D---- C:\WINDOWS\system32
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\wbem
2015-07-29 14:42:02 ----D---- C:\Program Files\Alwil Software
2015-07-29 14:14:33 ----D---- C:\Documents and Settings\Vlado.VLADO\Data aplikací\ApexDC++
2015-07-29 14:08:02 ----A---- C:\WINDOWS\NeroDigital.ini
2015-07-29 13:49:50 ----SD---- C:\WINDOWS\system32\Microsoft
2015-07-29 13:05:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2015-07-29 13:02:41 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2008-06-08 11304]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2008-06-08 132904]
R0 m5288;m5288; C:\WINDOWS\system32\DRIVERS\m5288.sys [2015-04-18 210304]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2015-04-23 648552]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2014-06-04 15808]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-07-07 477240]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2014-12-24 36864]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-07-14 202704]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-07-14 144536]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2015-07-14 129544]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 windrvNT;windrvNT; \??\C:\WINDOWS\system32\windrvNT.sys []
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\WINDOWS\system32\DRIVERS\CamSuiteVAC.sys [2008-09-20 37560]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-06 5912096]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2014-12-24 11059872]
R3 ULI5261XP;ULi M526X Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S0 reparse;Reparse; C:\WINDOWS\system32\DRIVERS\cbreparse.sys []
S1 SASKUTIL;SASKUTIL; C:\WINDOWS\system32\drivers\SASKUTIL.sys []
S2 CoachCap;FUJIFILM EX-10/EX-20 PC V1.00; C:\WINDOWS\system32\drivers\CoachCap.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CoachUsb;Coach Digital Camera on USB; C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2009-04-06 51392]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-07-26 20032]
S3 eapihdrv;eapihdrv; \??\C:\DOCUME~1\Vlado.VLADO\Local Settings\Temp\ehdrv.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-09-11 25280]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2015-04-23 91840]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 PAC7302;Eye 312; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-11-11 27744]
S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2015-07-08 1353720]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-22 217088]
S3 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-10 107912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-10 107912]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2015-04-23 238288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\system32\NLSSRV32.EXE [2011-11-02 68896]
S3 nvsvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-08-03 146024]
S3 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2015-06-13 66872]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 756392]
S4 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2015-04-02 878912]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-05 148080]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-12-12 537896]
S4 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
S4 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
S4 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S4 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Dáole doporučuji odinstalovat IOBit. Důvod: viewtopic.php?f=14&t=127320&hilit=iobit .

[Timur]

Iobit odstránený, cleaner naistalovany, spusteny, tu je log:
# AdwCleaner v4.208 - Log vytvořen 01/08/2015 v 15:59:25
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-26.2 [Server]
# Operační system : Microsoft Windows XP Service Pack 3 (x86)
# Uživatelské jméno : Vlado - VLADO
# Spuštěno z : C:\Documents and Settings\Vlado.VLADO\Plocha\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\ResultUrl
Složka Smazáno : C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
Složka Smazáno : C:\Program Files\Application Updater
Složka Smazáno : C:\Program Files\pdfforge Toolbar
Složka Smazáno : C:\Program Files\ResultUrl
Složka Smazáno : C:\Program Files\Common Files\Spigot
Složka Smazáno : C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Klíč Smazáno : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\spamfreesearch.Hlpr
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Klíč Smazáno : HKLM\SOFTWARE\microsoft\shared tools\msconfig\startupreg\Optimizer Pro
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Browser Extensions]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{539F76FD-084E-4858-86D5-62F02F54AE86}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BAE35237-8D73-44D0-905C-8A95EA1E7E69}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EECF410C-006C-4A05-AD13-6741A0814DBF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Hodnota Smazáno : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Klíč Smazáno : HKCU\Software\pdfforge
Klíč Smazáno : HKCU\Software\Search Settings
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\AppDataLow\Software\pdfforge
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Search Settings
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Browser Extensions
Klíč Smazáno : HKLM\SOFTWARE\Application Updater
Klíč Smazáno : HKLM\SOFTWARE\Driver-Soft
Klíč Smazáno : HKLM\SOFTWARE\Minibar
Klíč Smazáno : HKLM\SOFTWARE\pdfforge
Klíč Smazáno : HKLM\SOFTWARE\Search Settings
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=;ftp=;hxxps=;

***** [ Prohlížeče ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v37.0.2 (x86 sk)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [6646 bytů] - [01/08/2015 15:57:19]
AdwCleaner[S0].txt - [6291 bytů] - [01/08/2015 15:59:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6349 bytů] ##########

[Rudy]

Dejte nový log RSIT.

[Timur]

tu je :
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vlado at 2015-08-01 17:21:50
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (13%) free of 70 GB
Total RAM: 3071 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:22:41, on 1. 8. 2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Documents and Settings\Vlado.VLADO\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\Vlado.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shmu.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WeatherWatcher] "C:\Program Files\Weather Watcher\ww.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe" /m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Driver Helper Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5244 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job - C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe /AUTORUN
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ce7f26e46ee722.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cffcc7c14ca1b0.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0001ccef9e5f4.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d043b08ce6119c.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
C:\WINDOWS\tasks\SmartDefrag4_Startup.job - C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe /startup
C:\WINDOWS\tasks\SmartDefrag4_Update.job - C:\Program Files\IObit\Smart Defrag 4\AutoUpdate.exe /autorun

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "shmu.sk"
prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =971163&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{C8431CD2-C25A-45F3-BEA9-A9103C31409A}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npyaxmpb.dll
QuickTimePlugin.class

C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default\extensions\
iobitascsurfingprotection@iobit.com
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{84bbe6bf-fea5-418f-9bed-2ee0d6f1fba0}

C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default\searchplugins\
askcom.xml
spamfreesearch.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-07-08 5089480]
"nwiz"=nwiz.exe /install []
"WeatherWatcher"=C:\Program Files\Weather Watcher\ww.exe [2008-11-09 1077248]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe /m []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Call of Duty\CoDUOMP.exe"="C:\Program Files\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"
"C:\Documents and Settings\Vlado\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\Vlado\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Call of Duty\CoDMP.exe"="C:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Documents and Settings\Vlado\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Vlado\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Real\RealUpgrade\realupgrade.exe"="C:\Program Files\Real\RealUpgrade\realupgrade.exe:*:Disabled:RealUpgrade Launcher "
"C:\Program Files\Weather Watcher\GetFile.exe"="C:\Program Files\Weather Watcher\GetFile.exe:*:Enabled:Weather Watcher Downloader"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ApexDC++\ApexDC.exe"="C:\Program Files\ApexDC++\ApexDC.exe:*:Enabled:ApexDC"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMFTips.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\InstStat.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LocalLang.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ReProcess.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPSetup.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.XFR1"=xfcodec.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-08-01 15:57:07 ----D---- C:\AdwCleaner
2015-07-31 10:12:47 ----D---- C:\rsit
2015-07-31 10:12:47 ----D---- C:\Program Files\trend micro
2015-07-30 14:19:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2015-07-29 15:00:05 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\winrm
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\GroupPolicy
2015-07-29 14:59:10 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2015-07-29 14:59:06 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2015-07-29 14:58:22 ----A---- C:\WINDOWS\imsins.BAK
2015-07-29 14:56:34 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2015-07-29 13:35:42 ----D---- C:\Program Files\RAMRush
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\epfwtdir.sys
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2015-08-01 16:59:34 ----D---- C:\WINDOWS\Temp
2015-08-01 16:54:33 ----D---- C:\WINDOWS\system32\CatRoot2
2015-08-01 16:53:53 ----D---- C:\Documents and Settings\Vlado.VLADO\Data aplikací\WeatherWatcher
2015-08-01 15:59:32 ----RD---- C:\Program Files
2015-08-01 15:56:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2015-08-01 15:56:40 ----D---- C:\Program Files\IObit
2015-08-01 15:45:39 ----SD---- C:\WINDOWS\Tasks
2015-07-31 15:29:03 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-31 13:04:30 ----D---- C:\Program Files\Folder Lock
2015-07-31 10:00:53 ----D---- C:\Program Files\Call of Duty
2015-07-31 09:41:36 ----AD---- C:\WINDOWS
2015-07-30 14:55:56 ----SHD---- C:\WINDOWS\Installer
2015-07-30 14:55:05 ----D---- C:\Documents and Settings
2015-07-30 14:53:43 ----D---- C:\WINDOWS\system32\drivers
2015-07-30 14:52:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-07-30 14:20:19 ----HD---- C:\WINDOWS\inf
2015-07-30 14:19:08 ----D---- C:\Program Files\ESET
2015-07-30 11:05:48 ----D---- C:\Documents and Settings\Vlado.VLADO\Data aplikací\vlc
2015-07-30 09:31:26 ----D---- C:\WINDOWS\SoftwareDistribution
2015-07-30 09:30:30 ----D---- C:\WINDOWS\system32\config
2015-07-30 09:30:29 ----D---- C:\WINDOWS\Debug
2015-07-29 15:31:47 ----D---- C:\WINDOWS\security
2015-07-29 15:24:46 ----D---- C:\WINDOWS\system32\Macromed
2015-07-29 15:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-29 15:04:37 ----RSD---- C:\WINDOWS\assembly
2015-07-29 15:00:36 ----D---- C:\WINDOWS\Help
2015-07-29 15:00:34 ----D---- C:\WINDOWS\system32
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\wbem
2015-07-29 14:42:02 ----D---- C:\Program Files\Alwil Software
2015-07-29 14:14:33 ----D---- C:\Documents and Settings\Vlado.VLADO\Data aplikací\ApexDC++
2015-07-29 14:08:02 ----A---- C:\WINDOWS\NeroDigital.ini
2015-07-29 13:49:50 ----SD---- C:\WINDOWS\system32\Microsoft
2015-07-29 13:05:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2015-07-29 13:02:41 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2008-06-08 11304]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2008-06-08 132904]
R0 m5288;m5288; C:\WINDOWS\system32\DRIVERS\m5288.sys [2015-04-18 210304]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2015-04-23 648552]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2014-06-04 15808]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-07-07 477240]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2014-12-24 36864]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-07-14 202704]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-07-14 144536]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2015-07-14 129544]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 windrvNT;windrvNT; \??\C:\WINDOWS\system32\windrvNT.sys []
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\WINDOWS\system32\DRIVERS\CamSuiteVAC.sys [2008-09-20 37560]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-06 5912096]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2014-12-24 11059872]
R3 ULI5261XP;ULi M526X Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S0 reparse;Reparse; C:\WINDOWS\system32\DRIVERS\cbreparse.sys []
S1 SASKUTIL;SASKUTIL; C:\WINDOWS\system32\drivers\SASKUTIL.sys []
S2 CoachCap;FUJIFILM EX-10/EX-20 PC V1.00; C:\WINDOWS\system32\drivers\CoachCap.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CoachUsb;Coach Digital Camera on USB; C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2009-04-06 51392]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-07-26 20032]
S3 eapihdrv;eapihdrv; \??\C:\DOCUME~1\Vlado.VLADO\Local Settings\Temp\ehdrv.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-09-11 25280]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2015-04-23 91840]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 PAC7302;Eye 312; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-11-11 27744]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2015-07-08 1353720]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-22 217088]
S3 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-10 107912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-10 107912]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2015-04-23 238288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-05 148080]
S3 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\system32\NLSSRV32.EXE [2011-11-02 68896]
S3 nvsvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-08-03 146024]
S3 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2015-06-13 66872]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 756392]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-12-12 537896]
S4 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ce7f26e46ee722.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cffcc7c14ca1b0.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0001ccef9e5f4.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d043b08ce6119c.job
C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default\searchplugins\askcom.xml

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

[Timur]

RSIT log :
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vlado at 2015-08-01 19:41:05
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (15%) free of 70 GB
Total RAM: 3071 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:30, on 1. 8. 2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\trend micro\Vlado.exe
C:\Documents and Settings\Vlado.VLADO\Dokumenty\Preberanie\RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shmu.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WeatherWatcher] "C:\Program Files\Weather Watcher\ww.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe" /m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: NVIDIA Driver Helper Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5231 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job - C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe /AUTORUN
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "shmu.sk"
prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =971163&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{C8431CD2-C25A-45F3-BEA9-A9103C31409A}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npyaxmpb.dll
QuickTimePlugin.class

C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{84bbe6bf-fea5-418f-9bed-2ee0d6f1fba0}

C:\Documents and Settings\Vlado.VLADO\Data aplikací\Mozilla\Firefox\Profiles\ytcfc5de.default\searchplugins\
spamfreesearch.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-07-08 5089480]
"nwiz"=nwiz.exe /install []
"WeatherWatcher"=C:\Program Files\Weather Watcher\ww.exe []
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 8\Suo10_SmartRAM.exe /m []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Call of Duty\CoDUOMP.exe"="C:\Program Files\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"
"C:\Documents and Settings\Vlado\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\Vlado\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Call of Duty\CoDMP.exe"="C:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Documents and Settings\Vlado\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Vlado\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Real\RealUpgrade\realupgrade.exe"="C:\Program Files\Real\RealUpgrade\realupgrade.exe:*:Disabled:RealUpgrade Launcher "
"C:\Program Files\Weather Watcher\GetFile.exe"="C:\Program Files\Weather Watcher\GetFile.exe:*:Enabled:Weather Watcher Downloader"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ApexDC++\ApexDC.exe"="C:\Program Files\ApexDC++\ApexDC.exe:*:Enabled:ApexDC"
"C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Vlado.VLADO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMFTips.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\InstStat.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LocalLang.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ReProcess.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPSetup.exe]
"Debugger="C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.XFR1"=xfcodec.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2015-08-01 19:17:20 ----D---- C:\_OTM
2015-08-01 15:57:07 ----D---- C:\AdwCleaner
2015-07-31 10:12:47 ----D---- C:\rsit
2015-07-31 10:12:47 ----D---- C:\Program Files\trend micro
2015-07-30 14:19:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2015-07-29 15:00:05 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\winrm
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\GroupPolicy
2015-07-29 14:59:10 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2015-07-29 14:59:06 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2015-07-29 14:58:22 ----A---- C:\WINDOWS\imsins.BAK
2015-07-29 14:56:34 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2015-07-29 13:35:42 ----D---- C:\Program Files\RAMRush
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\epfwtdir.sys
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys
2015-07-14 15:29:08 ----A---- C:\WINDOWS\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2015-08-01 19:32:13 ----D---- C:\WINDOWS\system32\CatRoot2
2015-08-01 19:30:45 ----D---- C:\WINDOWS\Temp
2015-08-01 19:17:27 ----SD---- C:\WINDOWS\Tasks
2015-08-01 18:41:14 ----D---- C:\Program Files\Call of Duty
2015-08-01 18:35:26 ----D---- C:\Documents and Settings\Vlado.VLADO\Data aplikací\vlc
2015-08-01 18:31:28 ----D---- C:\WINDOWS\system32
2015-08-01 18:26:04 ----RD---- C:\Program Files
2015-08-01 18:25:49 ----SHD---- C:\WINDOWS\Installer
2015-08-01 18:24:00 ----D---- C:\Program Files\Wondershare
2015-08-01 18:21:56 ----D---- C:\Program Files\IObit
2015-08-01 18:21:48 ----D---- C:\WINDOWS\system32\drivers
2015-08-01 18:20:01 ----D---- C:\Documents and Settings\Vlado.VLADO\Data aplikací\WeatherWatcher
2015-08-01 18:05:05 ----RSH---- C:\boot.ini
2015-08-01 17:52:40 ----D---- C:\Documents and Settings\Vlado.VLADO\Data aplikací\ApexDC++
2015-08-01 17:29:13 ----D---- C:\Program Files\PDFCreator
2015-08-01 17:27:27 ----D---- C:\Program Files\Common Files
2015-08-01 15:56:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2015-07-31 15:29:03 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-31 13:04:30 ----D---- C:\Program Files\Folder Lock
2015-07-31 09:41:36 ----AD---- C:\WINDOWS
2015-07-30 14:55:05 ----D---- C:\Documents and Settings
2015-07-30 14:52:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-07-30 14:20:19 ----HD---- C:\WINDOWS\inf
2015-07-30 14:19:08 ----D---- C:\Program Files\ESET
2015-07-30 09:31:26 ----D---- C:\WINDOWS\SoftwareDistribution
2015-07-30 09:30:30 ----D---- C:\WINDOWS\system32\config
2015-07-30 09:30:29 ----D---- C:\WINDOWS\Debug
2015-07-29 15:31:47 ----D---- C:\WINDOWS\security
2015-07-29 15:24:46 ----D---- C:\WINDOWS\system32\Macromed
2015-07-29 15:04:38 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-29 15:04:37 ----RSD---- C:\WINDOWS\assembly
2015-07-29 15:00:36 ----D---- C:\WINDOWS\Help
2015-07-29 15:00:04 ----D---- C:\WINDOWS\system32\wbem
2015-07-29 14:42:02 ----D---- C:\Program Files\Alwil Software
2015-07-29 14:08:02 ----A---- C:\WINDOWS\NeroDigital.ini
2015-07-29 13:49:50 ----SD---- C:\WINDOWS\system32\Microsoft
2015-07-29 13:05:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2015-07-29 13:02:41 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2008-06-08 11304]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2008-06-08 132904]
R0 m5288;m5288; C:\WINDOWS\system32\DRIVERS\m5288.sys [2015-04-18 210304]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2015-04-23 648552]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-07-07 477240]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2014-12-24 36864]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-07-14 202704]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-07-14 144536]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2015-07-14 129544]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 windrvNT;windrvNT; \??\C:\WINDOWS\system32\windrvNT.sys []
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\WINDOWS\system32\DRIVERS\CamSuiteVAC.sys [2008-09-20 37560]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-06 5912096]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2014-12-24 11059872]
R3 ULI5261XP;ULi M526X Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S0 reparse;Reparse; C:\WINDOWS\system32\DRIVERS\cbreparse.sys []
S1 SASKUTIL;SASKUTIL; C:\WINDOWS\system32\drivers\SASKUTIL.sys []
S2 CoachCap;FUJIFILM EX-10/EX-20 PC V1.00; C:\WINDOWS\system32\drivers\CoachCap.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CoachUsb;Coach Digital Camera on USB; C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2009-04-06 51392]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-07-26 20032]
S3 eapihdrv;eapihdrv; \??\C:\DOCUME~1\Vlado.VLADO\Local Settings\Temp\ehdrv.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-09-11 25280]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2015-04-23 91840]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 PAC7302;Eye 312; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-11-11 27744]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2015-07-08 1353720]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-22 217088]
S3 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-10 107912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-10 107912]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2015-04-23 238288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-05 148080]
S3 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\system32\NLSSRV32.EXE [2011-11-02 68896]
S3 nvsvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-08-03 146024]
S3 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2015-06-13 66872]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 756392]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-12-12 537896]
S4 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\Vlado.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

[Timur]

Jupiiiii, veeeeeelmi pekne Vám dakujem za Vas cas a um
Idem Vam poslat nejake €

[Rudy]

Nemáte zač! Za příspěvek vám děkujeme.