Request for a check

ANGILO
Model visitor
Posts: 101
Registered: 23 Dec 2006 18:33

Request for a check

#1 Post by ANGILO »

Warm greetings, I would like to ask for your cooperation ...

Logfile of random's system information tool 1.06 (written by random/random)
Run by norbi at 2013-07-21 13:22:41
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 2 GB (9%) free of 27 GB
Total RAM: 446 MB (22% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-24 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-12 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-24 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SiSPower"=SiSPower.dll,ModeAgent []
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-10-12 315392]
"lxcrmon.exe"=C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-01-22 286720]
"MobilityManager"=C:\Program Files\Mobility Manager\MobilityManager []
"Trust Gaming mouse"=C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe [2006-12-28 1232896]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"LXCRCATS"=rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-10-07 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-07 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-11 68856]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\groove.exe"="C:\Program Files\Microsoft Office\Office12\groove.exe:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a55d698-b49a-11dc-8853-00163620c72b}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - Recycled\ctfmon.exe


======List of files/folders created in the last 1 months======

2013-07-21 13:22:41 ----D---- C:\rsit
2013-07-21 13:22:41 ----D---- C:\Program Files\trend micro
2013-07-19 19:15:04 ----SHD---- C:\Recycled
2013-07-19 16:27:54 ----SHD---- C:\FOUND.001
2013-07-19 14:29:14 ----SHD---- C:\FOUND.000
2013-07-19 11:53:03 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-07-19 11:47:20 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-07-19 10:51:28 ----D---- C:\Program Files\Microsoft Security Client
2013-07-19 10:51:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-07-19 10:48:21 ----D---- C:\WINDOWS\Prefetch
2013-07-19 10:03:04 ----N---- C:\WINDOWS\system32\msxml6r.dll
2013-07-19 10:03:03 ----N---- C:\WINDOWS\system32\msxml6.dll
2013-07-19 10:02:29 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-07-19 10:02:29 ----N---- C:\WINDOWS\system32\aaclient.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\credssp.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\azroles.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napstat.exe
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\mssha.dll
2013-07-19 10:02:20 ----N---- C:\WINDOWS\system32\onex.dll
2013-07-19 10:02:20 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qutil.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qagent.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slgen.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\setupn.exe
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2013-07-19 10:02:17 ----N---- C:\WINDOWS\system32\slserv.exe
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\tsgqec.dll
2013-07-19 10:02:14 ----N---- C:\WINDOWS\system32\wmphoto.dll
2013-07-19 10:02:14 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-07-19 10:02:13 ----N---- C:\WINDOWS\system32\xmllite.dll
2013-07-19 10:02:13 ----N---- C:\WINDOWS\slrundll.exe
2013-07-19 10:02:12 ----D---- C:\WINDOWS\system32\cs-cz
2013-07-19 10:02:11 ----D---- C:\WINDOWS\system32\cs
2013-07-19 10:02:11 ----D---- C:\WINDOWS\system32\bits
2013-07-19 10:02:11 ----D---- C:\WINDOWS\l2schemas
2013-07-19 09:55:54 ----D---- C:\WINDOWS\network diagnostic
2013-07-19 09:49:57 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2013-07-19 09:49:51 ----D---- C:\WINDOWS\EHome
2013-07-13 16:14:55 ----D---- C:\Program Files\Yamicsoft
2013-07-13 16:12:12 ----RSD---- C:\WINDOWS\assembly
2013-07-13 16:10:44 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-12 22:46:51 ----A---- C:\WINDOWS\system32\ksuser.dll
2013-07-12 22:46:14 ----A---- C:\WINDOWS\Alcrmv.exe
2013-07-12 22:46:12 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2013-07-12 22:46:10 ----A---- C:\WINDOWS\system32\RTLCPL.EXE
2013-07-12 22:45:59 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\mdmxsdk.dll
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\hsfci012.dll
2013-07-12 22:44:14 ----D---- C:\Program Files\CONEXANT
2013-07-12 22:43:41 ----A---- C:\WINDOWS\difxapi.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSParse.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSInst.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\sisgrv.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\sisgl.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSBase.dll
2013-07-12 22:43:22 ----A---- C:\WINDOWS\system32\SiSPIns2.dll
2013-07-12 22:40:38 ----D---- C:\Documents and Settings\norbi\Data aplikací\DRPSu
2013-07-12 20:54:01 ----A---- C:\WINDOWS\system32\MRT.exe
2013-07-12 17:02:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-06-25 19:28:03 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2013-07-21 13:10:38 ----A---- C:\WINDOWS\system32\eRLog.ini
2013-07-21 13:10:22 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2013-07-19 12:13:02 ----A---- C:\WINDOWS\wincmd.ini
2013-07-19 10:13:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 302000]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 71088]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-09-28 278728]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-09-28 25416]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-07 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GMFilter Filter;GMFilter Filter; C:\WINDOWS\System32\Drivers\GMFilter.sys [2006-12-29 27648]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-12-11 6144]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 ft1000;Flarion Flash OFDM wireless service; C:\WINDOWS\system32\DRIVERS\ft1000.sys [2007-07-09 62208]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FMMService;FMMService; C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE [2007-12-06 40960]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-02-20 1222192]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R3 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-03 495616]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-25 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a check

#2 Post by Márty84 »

Hello :)

That must be some museum piece, right? :) That amount of RAM is pretty pitiful by today's standards.

It would need Service Pack 3


:arrow: Let's update the scanners
Delete RSIT and the folder C:\Program Files\trend micro, if you find it.
Then download the new RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895 and post the log from it.

:???: Is there any specific problem with it?
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Re: Request for a check

#3 Post by ANGILO »

SP 3 is of course installed ....
..that link doesn't work ... - viewtopic.php?f=24&t=130784 I downloaded it from here, but it gets stuck at 2/3
- terribly slow responses - freezing

Re: Request for a check

#4 Post by Márty84 »

You're right, my eyesight is going. That's a sign I should get away from the PC :D

Try running RSIT in safe mode. Alternatively, take a look in the folder C:\rsit. The log may already have been created there, even though it looks as if the program has not finished yet.

:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it. The result will appear after a moment.
At the top, click Edit (Úpravy) and then Copy (Kopírovat). Paste what gets copied (it is saved to memory) here for me (Ctrl + V)

Re: Request for a check

#5 Post by ANGILO »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2013/07/21 15:08:46

-- Controller Map ----------------------------------------------------------
+ Řadič SiS rozhraní IDE ke sběrnici PCI [ATA]
+ Primární kanál IDE (0)
- ST960821A
+ Sekundární kanál IDE (1)
- MATSHITA UJ-840D

-- Disk List ---------------------------------------------------------------
(1) ST960821A : 60,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST960821A
----------------------------------------------------------------------------
Model : ST960821A
Firmware : 3.01
Serial Number : 5LF045AY
Disk Size : 60,0 GB (8,4/60,0/60,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 117210240
Rotation Rate : Unknown
Interface : Parallel ATA
Major Version : ATA/ATAPI-6
Minor Version : ATA/ATAPI-6 T13 1410D version 2
Transfer Mode : Ultra DMA/100
Power On Hours : 8796 hours
Power On Count : 4708 count
Temparature : 45 C (113 F)
Health Status : Good
Features : S.M.A.R.T., APM, 48bit LBA
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _64 _63 _34 00000B35AEF6 Read Error Rate
03 _96 _95 __0 000000000000 Spin-Up Time
04 _96 _96 _20 00000000124D Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _82 _60 _30 00000BED2D04 Seek Error Rate
09 _90 _90 __0 00000000225C Power-On Hours
0A 100 100 _34 000000000000 Spin Retry Count
0C _96 _96 _20 000000001264 Power Cycle Count
C0 _98 _98 __0 000000001264 Power-off Retract Count
C1 _91 _91 __0 000000004D9D Load/Unload Cycle Count
C2 _45 _50 __0 00100000002D Temperature
C3 _64 _63 __0 00000B35AEF6 Hardware ECC recovered
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 __0 000000000000 Write Error Rate
CA 100 253 __0 000000000000 Data Address Mark Error

Logfile of random's system information tool 1.09 (written by random/random)
Run by norbi at 2013-07-21 14:42:35
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 2 GB (9%) free of 27 GB
Total RAM: 446 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:43:04, on 21. 7. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Mobility Manager\MobilityManager.exe
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Mobility Manager\jre\bin\javaw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Documents and Settings\norbi\Plocha\RSIT.exe
C:\Program Files\trend micro\norbi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [MobilityManager] C:\Program Files\Mobility Manager\MobilityManager
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: FMMService - Flarion Technologies, Inc. - C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 7145 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\norbi\Data aplikací\Mozilla\Firefox\Profiles\yyzx923l.default

prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.11"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-24 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-12 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-24 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SiSPower"=SiSPower.dll,ModeAgent []
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-10-12 315392]
"lxcrmon.exe"=C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-01-22 286720]
"MobilityManager"=C:\Program Files\Mobility Manager\MobilityManager []
"Trust Gaming mouse"=C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe [2006-12-28 1232896]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"LXCRCATS"=rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-10-07 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-07 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-11 68856]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\groove.exe"="C:\Program Files\Microsoft Office\Office12\groove.exe:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-07-21 14:16:12 ----D---- C:\Program Files\trend micro
2013-07-21 14:16:07 ----D---- C:\rsit
2013-07-21 13:40:25 ----A---- C:\WINDOWS\system32\muweb.dll
2013-07-21 13:40:25 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-07-20 14:41:05 ----ASH---- C:\hiberfil.sys
2013-07-19 19:15:04 ----SHD---- C:\Recycled
2013-07-19 16:27:54 ----SHD---- C:\FOUND.001
2013-07-19 14:29:14 ----SHD---- C:\FOUND.000
2013-07-19 11:53:03 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-07-19 11:47:20 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-07-19 10:51:28 ----D---- C:\Program Files\Microsoft Security Client
2013-07-19 10:51:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-07-19 10:48:21 ----D---- C:\WINDOWS\Prefetch
2013-07-19 10:03:04 ----N---- C:\WINDOWS\system32\msxml6r.dll
2013-07-19 10:03:03 ----N---- C:\WINDOWS\system32\msxml6.dll
2013-07-19 10:02:29 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-07-19 10:02:29 ----N---- C:\WINDOWS\system32\aaclient.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\credssp.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\azroles.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napstat.exe
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\mssha.dll
2013-07-19 10:02:20 ----N---- C:\WINDOWS\system32\onex.dll
2013-07-19 10:02:20 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qutil.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qagent.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slgen.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\setupn.exe
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2013-07-19 10:02:17 ----N---- C:\WINDOWS\system32\slserv.exe
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\tsgqec.dll
2013-07-19 10:02:14 ----N---- C:\WINDOWS\system32\wmphoto.dll
2013-07-19 10:02:14 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-07-19 10:02:13 ----N---- C:\WINDOWS\system32\xmllite.dll
2013-07-19 10:02:13 ----N---- C:\WINDOWS\slrundll.exe
2013-07-19 10:02:12 ----D---- C:\WINDOWS\system32\cs-cz
2013-07-19 10:02:11 ----D---- C:\WINDOWS\system32\cs
2013-07-19 10:02:11 ----D---- C:\WINDOWS\system32\bits
2013-07-19 10:02:11 ----D---- C:\WINDOWS\l2schemas
2013-07-19 09:55:54 ----D---- C:\WINDOWS\network diagnostic
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-07-19 09:55:51 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-07-19 09:55:51 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-07-19 09:49:57 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2013-07-19 09:49:51 ----D---- C:\WINDOWS\EHome
2013-07-13 16:14:55 ----D---- C:\Program Files\Yamicsoft
2013-07-13 16:12:12 ----RSD---- C:\WINDOWS\assembly
2013-07-13 16:10:44 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-12 22:46:55 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2013-07-12 22:46:52 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2013-07-12 22:46:51 ----A---- C:\WINDOWS\system32\ksuser.dll
2013-07-12 22:46:50 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2013-07-12 22:46:49 ----A---- C:\WINDOWS\system32\drivers\stream.sys
2013-07-12 22:46:14 ----A---- C:\WINDOWS\Alcrmv.exe
2013-07-12 22:46:12 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2013-07-12 22:46:10 ----A---- C:\WINDOWS\system32\RTLCPL.EXE
2013-07-12 22:45:59 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2013-07-12 22:45:58 ----A---- C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\mdmxsdk.dll
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\hsfci012.dll
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSFHWSIS.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSF_DP.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2013-07-12 22:44:14 ----D---- C:\Program Files\CONEXANT
2013-07-12 22:43:55 ----A---- C:\WINDOWS\system32\drivers\siside.sys
2013-07-12 22:43:49 ----A---- C:\WINDOWS\system32\drivers\sisnicxp.sys
2013-07-12 22:43:41 ----A---- C:\WINDOWS\difxapi.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSParse.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSInst.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\sisgrv.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\sisgl.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSBase.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\drivers\srvkp.sys
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\drivers\sisgrp.sys
2013-07-12 22:43:31 ----A---- C:\WINDOWS\system32\drivers\SISAGPX.SYS
2013-07-12 22:43:22 ----A---- C:\WINDOWS\system32\SiSPIns2.dll
2013-07-12 22:42:38 ----A---- C:\WINDOWS\system32\drivers\AmdK8.sys
2013-07-12 22:40:38 ----D---- C:\Documents and Settings\norbi\Data aplikací\DRPSu
2013-07-12 20:54:01 ----A---- C:\WINDOWS\system32\MRT.exe
2013-07-12 17:02:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-06-25 19:28:03 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-07-21 14:41:44 ----A---- C:\WINDOWS\system32\eRLog.ini
2013-07-21 14:40:56 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2013-07-19 12:13:02 ----A---- C:\WINDOWS\wincmd.ini
2013-07-19 10:13:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 302000]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 71088]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-09-28 278728]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-09-28 25416]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-07 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GMFilter Filter;GMFilter Filter; C:\WINDOWS\System32\Drivers\GMFilter.sys [2006-12-29 27648]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-12-11 6144]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
S3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 ft1000;Flarion Flash OFDM wireless service; C:\WINDOWS\system32\DRIVERS\ft1000.sys [2007-07-09 62208]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FMMService;FMMService; C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE [2007-12-06 40960]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-02-20 1222192]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R3 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-03 495616]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-25 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#6 Post by Márty84 »

The disk is showing a large number of errors; that may be the cause of the problems.
01 _64 _63 _34 00000B35AEF6 Read Error Rate
07 _82 _60 _30 00000BED2D04 Seek Error Rate
:arrow: Uninstall Google Toolbar

:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes has false detections.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

ANGILO
Exemplary visitor
Posts: 101
Registered: 23 Dec 2006 18:33

Re: Requesting a check

#7 Post by ANGILO »

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.21.03

Windows XP Service Pack 3 x86 FAT32
Internet Explorer 6.0.2900.5512
norbi :: ACER [administrátor]

21. 7. 2013 16:09:30
MBAM-log-2013-07-21 (17-59-56).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 311827
Uplynulý čas: 1 hodin, 27 minut, 26 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\WINDOWS\system32\Hook.dll (Spyware.OnlineGames) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Špatný: (0) Dobrý: (1) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\WINDOWS\system32\Hook.dll (Spyware.OnlineGames) -> Nebyla provedena žádná instrukce.
C:\Program Files\EA SPORTS\NHL 2003\yapkea.zip (Malware.Packer.Krunchy) -> Nebyla provedena žádná instrukce.
D:\WinXP.Manager.v8.0.0.Incl.Keygen\Lz0\keygen.exe (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.

(konec)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#8 Post by Márty84 »

:arrow: Have the detections removed, then uninstall MBAM.

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Prohledat (Scan) and the program will start working.
When it finishes, it will spit out a log (if not, you will find it at C:\AdwCleaner[R?].txt ); copy it here for me.

ANGILO
Model visitor
Posts: 101
Registered: 23 Dec 2006 18:33

Re: Requesting a check

#9 Post by ANGILO »

# AdwCleaner v2.306 - Log vytvořen 21/07/2013 v 20:48:33
# Aktualizováno 19/07/2013 Xplode
# Operační systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : norbi - ACER
# Spuštěn systém : Normální
# Spuštěno z : C:\Documents and Settings\norbi\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
Soubor Nalezeno : C:\WINDOWS\Uninstall.exe

***** [Registry] *****

Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{5297E905-1DFB-4A9C-9871-A4F95FD58945}

***** [Internetové prohlížeče] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry jsou čisté.

-\\ Mozilla Firefox v22.0 (sk)

Soubor : C:\Documents and Settings\norbi\Data aplikací\Mozilla\Firefox\Profiles\yyzx923l.default\prefs.js

[OK] Soubor je čistý.

*************************

AdwCleaner[R1].txt - [1004 octets] - [21/07/2013 20:48:33]

########## EOF - C:\AdwCleaner[R1].txt - [1064 octets] ##########

ANGILO
Model visitor
Posts: 101
Registered: 23 Dec 2006 18:33

Re: Requesting a check

#10 Post by ANGILO »

# AdwCleaner v2.306 - Log vytvořen 21/07/2013 v 21:46:15
# Aktualizováno 19/07/2013 Xplode
# Operační systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : norbi - ACER
# Spuštěn systém : Normální
# Spuštěno z : C:\Documents and Settings\norbi\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
Soubor Vymazáno : C:\WINDOWS\Uninstall.exe

***** [Registry] *****

Klíč Vymazáno : HKLM\SOFTWARE\Classes\Interface\{95B92D92-8B7D-4A19-A3F1-43113B4DBCAF}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{5297E905-1DFB-4A9C-9871-A4F95FD58945}

***** [Internetové prohlížeče] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry jsou čisté.

-\\ Mozilla Firefox v22.0 (sk)

Soubor : C:\Documents and Settings\norbi\Data aplikací\Mozilla\Firefox\Profiles\yyzx923l.default\prefs.js

[OK] Soubor je čistý.

*************************

AdwCleaner[R1].txt - [1133 octets] - [21/07/2013 20:48:33]
AdwCleaner[S1].txt - [1062 octets] - [21/07/2013 21:46:15]

########## EOF - C:\AdwCleaner[S1].txt - [1122 octets] ##########


Logfile of random's system information tool 1.09 (written by random/random)
Run by norbi at 2013-07-21 21:56:28
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 2 GB (9%) free of 27 GB
Total RAM: 446 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:09, on 21. 7. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Documents and Settings\norbi\Plocha\RSIT.exe
C:\Program Files\trend micro\norbi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [MobilityManager] C:\Program Files\Mobility Manager\MobilityManager
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: FMMService - Flarion Technologies, Inc. - C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 6090 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\norbi\Data aplikací\Mozilla\Firefox\Profiles\yyzx923l.default

prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.11"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SiSPower"=SiSPower.dll,ModeAgent []
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-10-12 315392]
"lxcrmon.exe"=C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-01-22 286720]
"MobilityManager"=C:\Program Files\Mobility Manager\MobilityManager []
"Trust Gaming mouse"=C:\Program Files\Trust\GM-4200 Gamer Mouse Optical\Panel.exe [2006-12-28 1232896]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"LXCRCATS"=rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-10-07 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-07 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\groove.exe"="C:\Program Files\Microsoft Office\Office12\groove.exe:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-07-21 21:46:15 ----A---- C:\AdwCleaner[S1].txt
2013-07-21 20:48:33 ----A---- C:\AdwCleaner[R1].txt
2013-07-21 15:48:22 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2013-07-21 15:48:16 ----D---- C:\Documents and Settings\norbi\Data aplikací\Malwarebytes
2013-07-21 15:47:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-07-21 15:46:27 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-07-21 14:16:12 ----D---- C:\Program Files\trend micro
2013-07-21 14:16:07 ----D---- C:\rsit
2013-07-21 13:40:25 ----A---- C:\WINDOWS\system32\muweb.dll
2013-07-21 13:40:25 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-07-20 14:41:05 ----ASH---- C:\hiberfil.sys
2013-07-19 19:15:04 ----SHD---- C:\Recycled
2013-07-19 16:27:54 ----SHD---- C:\FOUND.001
2013-07-19 14:29:14 ----SHD---- C:\FOUND.000
2013-07-19 11:53:03 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-07-19 11:47:20 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-07-19 10:51:28 ----D---- C:\Program Files\Microsoft Security Client
2013-07-19 10:51:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-07-19 10:48:21 ----D---- C:\WINDOWS\Prefetch
2013-07-19 10:03:04 ----N---- C:\WINDOWS\system32\msxml6r.dll
2013-07-19 10:03:03 ----N---- C:\WINDOWS\system32\msxml6.dll
2013-07-19 10:02:29 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-07-19 10:02:29 ----N---- C:\WINDOWS\system32\aaclient.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-07-19 10:02:28 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\credssp.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-07-19 10:02:27 ----N---- C:\WINDOWS\system32\azroles.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-07-19 10:02:26 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-07-19 10:02:25 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-07-19 10:02:24 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-07-19 10:02:23 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-07-19 10:02:22 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napstat.exe
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-07-19 10:02:21 ----N---- C:\WINDOWS\system32\mssha.dll
2013-07-19 10:02:20 ----N---- C:\WINDOWS\system32\onex.dll
2013-07-19 10:02:20 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qutil.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\qagent.dll
2013-07-19 10:02:19 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slgen.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\setupn.exe
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-07-19 10:02:18 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2013-07-19 10:02:17 ----N---- C:\WINDOWS\system32\slserv.exe
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-07-19 10:02:15 ----N---- C:\WINDOWS\system32\tsgqec.dll
2013-07-19 10:02:14 ----N---- C:\WINDOWS\system32\wmphoto.dll
2013-07-19 10:02:14 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-07-19 10:02:13 ----N---- C:\WINDOWS\system32\xmllite.dll
2013-07-19 10:02:13 ----N---- C:\WINDOWS\slrundll.exe
2013-07-19 10:02:12 ----D---- C:\WINDOWS\system32\cs-cz
2013-07-19 10:02:11 ----D---- C:\WINDOWS\system32\cs
2013-07-19 10:02:11 ----D---- C:\WINDOWS\system32\bits
2013-07-19 10:02:11 ----D---- C:\WINDOWS\l2schemas
2013-07-19 09:55:54 ----D---- C:\WINDOWS\network diagnostic
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-07-19 09:55:53 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-07-19 09:55:52 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-07-19 09:55:51 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-07-19 09:55:51 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-07-19 09:55:50 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-07-19 09:55:49 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-07-19 09:55:48 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-07-19 09:49:57 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2013-07-19 09:49:51 ----D---- C:\WINDOWS\EHome
2013-07-13 16:14:55 ----D---- C:\Program Files\Yamicsoft
2013-07-13 16:12:12 ----RSD---- C:\WINDOWS\assembly
2013-07-13 16:10:44 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-12 22:46:55 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2013-07-12 22:46:52 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2013-07-12 22:46:51 ----A---- C:\WINDOWS\system32\ksuser.dll
2013-07-12 22:46:50 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2013-07-12 22:46:49 ----A---- C:\WINDOWS\system32\drivers\stream.sys
2013-07-12 22:46:14 ----A---- C:\WINDOWS\Alcrmv.exe
2013-07-12 22:46:12 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2013-07-12 22:46:10 ----A---- C:\WINDOWS\system32\RTLCPL.EXE
2013-07-12 22:45:59 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2013-07-12 22:45:58 ----A---- C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\mdmxsdk.dll
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\hsfci012.dll
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSFHWSIS.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSF_DP.sys
2013-07-12 22:44:14 ----RA---- C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2013-07-12 22:44:14 ----D---- C:\Program Files\CONEXANT
2013-07-12 22:43:55 ----A---- C:\WINDOWS\system32\drivers\siside.sys
2013-07-12 22:43:49 ----A---- C:\WINDOWS\system32\drivers\sisnicxp.sys
2013-07-12 22:43:41 ----A---- C:\WINDOWS\difxapi.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSParse.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSInst.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\sisgrv.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\sisgl.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\SiSBase.dll
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\drivers\srvkp.sys
2013-07-12 22:43:36 ----A---- C:\WINDOWS\system32\drivers\sisgrp.sys
2013-07-12 22:43:31 ----A---- C:\WINDOWS\system32\drivers\SISAGPX.SYS
2013-07-12 22:43:22 ----A---- C:\WINDOWS\system32\SiSPIns2.dll
2013-07-12 22:42:38 ----A---- C:\WINDOWS\system32\drivers\AmdK8.sys
2013-07-12 22:40:38 ----D---- C:\Documents and Settings\norbi\Data aplikací\DRPSu
2013-07-12 20:54:01 ----A---- C:\WINDOWS\system32\MRT.exe
2013-07-12 17:02:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-06-25 19:28:03 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-07-21 21:52:06 ----A---- C:\WINDOWS\system32\eRLog.ini
2013-07-21 21:52:04 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2013-07-19 12:13:02 ----A---- C:\WINDOWS\wincmd.ini
2013-07-19 10:13:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 302000]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 71088]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-09-28 278728]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-09-28 25416]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-07 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GMFilter Filter;GMFilter Filter; C:\WINDOWS\System32\Drivers\GMFilter.sys [2006-12-29 27648]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-12-11 6144]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
S0 ixquml;ixquml; C:\WINDOWS\System32\drivers\lrwa.sys []
S3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 ft1000;Flarion Flash OFDM wireless service; C:\WINDOWS\system32\DRIVERS\ft1000.sys [2007-07-09 62208]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FMMService;FMMService; C:\PROGRA~1\MOBILI~1\FMMSER~1.EXE [2007-12-06 40960]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-02-20 1222192]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R3 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-03 495616]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-25 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#11 Post by Márty84 »

Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe, save it to the desktop and run it.
A short test will run, and then the Scan (Prohledat) button at the top right will become available. Click it and another test will run.
When it finishes, click Report (Zprava) and a log will appear. Paste it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

ANGILO
Model visitor
Posts: 101
Registered: 23 Dec 2006 18:33

Re: Requesting a check

#12 Post by ANGILO »

After launching, it froze - after a restart I ran it again - it froze.
The log is from safe mode.

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Nouzový režim
Uživatel : norbi [Práva správce]
Mód : Kontrola -- Datum : 07/22/2013 09:54:49
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\WINDOWS\ACER.SCR [-]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x2] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
127.0.0.1 www.yamicsoft.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST960821A +++++
--- User ---
[MBR] 96ae1b6c7df365346740c616d08c681f
[BSP] d269bde5b70bf39116d91e392caddd0b : Acer MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 2996 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 6136830 | Size: 26866 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 61159455 | Size: 27368 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_07222013_095449.txt >>

ANGILO
Model visitor
Posts: 101
Registered: 23 Dec 2006 18:33

Re: Requesting a check

#13 Post by ANGILO »

...it worked ... log

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : norbi [Práva správce]
Mód : Kontrola -- Datum : 07/22/2013 10:39:18
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\WINDOWS\ACER.SCR [-]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[25] : NtClose @ 0x805B1C3A -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612F80)
[Address] SSDT[37] : NtCreateFile @ 0x8056E27C -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612552)
[Address] SSDT[41] : NtCreateKey @ 0x8061A286 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60E882)
[Address] SSDT[47] : NtCreateProcess @ 0x805C7420 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD611A1A)
[Address] SSDT[48] : NtCreateProcessEx @ 0x805C736A -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD611910)
[Address] SSDT[53] : NtCreateThread @ 0x805C7208 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD611F2A)
[Address] SSDT[62] : NtDeleteFile @ 0x8056BE1C -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD613034)
[Address] SSDT[63] : NtDeleteKey @ 0x8061A716 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60ED54)
[Address] SSDT[65] : NtDeleteValueKey @ 0x8061A8E6 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60EE70)
[Address] SSDT[97] : NtLoadDriver @ 0x80579588 -> HOOKED (C:\WINDOWS\system32\drivers\khips.sys @ 0xF77B0F4C)
[Address] SSDT[108] : NtMapViewOfSection @ 0x805A7480 -> HOOKED (C:\WINDOWS\system32\drivers\khips.sys @ 0xF77B1232)
[Address] SSDT[116] : NtOpenFile @ 0x8056F39A -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612906)
[Address] SSDT[119] : NtOpenKey @ 0x8061B658 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60EB78)
[Address] SSDT[206] : NtResumeThread @ 0x805CAC22 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD6120DC)
[Address] SSDT[224] : NtSetInformationFile @ 0x80570284 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612CE0)
[Address] SSDT[247] : NtSetValueKey @ 0x8061880C -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60F038)
[Address] SSDT[274] : NtWriteFile @ 0x80572248 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612BB2)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
127.0.0.1 www.yamicsoft.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST960821A +++++
--- User ---
[MBR] 96ae1b6c7df365346740c616d08c681f
[BSP] d269bde5b70bf39116d91e392caddd0b : Acer MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 2996 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 6136830 | Size: 26866 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 61159455 | Size: 27368 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_07222013_103918.txt >>
RKreport[0]_S_07222013_095449.txt

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#14 Post by Márty84 »

Run RogueKiller again (if you have not closed it yet, click Delete (Smazat) right away).
A short test will run, and then the Scan (Prohledat) button at the top right will become available. Click it and another test will run.
When it finishes, click Delete (Smazat).
Then click Report (Zprava) and a log will appear. Paste it here for me.
Then click Host Fix (Oprava Host) and Report (Zprava).
Another log will appear. Paste that one here for me too.

ANGILO
Model visitor
Posts: 101
Registered: 23 Dec 2006 18:33

Re: Requesting a check

#15 Post by ANGILO »

RogueKiller V8.6.3 [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : norbi [Práva správce]
Mód : Odebrat -- Datum : 07/22/2013 14:18:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NAHRAZENO (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowRecentDocs (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\WINDOWS\ACER.SCR [-]) -> NAHRAZENO (C:\WINDOWS\system32\logon.scr)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[25] : NtClose @ 0x805B1C3A -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612F80)
[Address] SSDT[37] : NtCreateFile @ 0x8056E27C -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612552)
[Address] SSDT[41] : NtCreateKey @ 0x8061A286 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60E882)
[Address] SSDT[47] : NtCreateProcess @ 0x805C7420 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD611A1A)
[Address] SSDT[48] : NtCreateProcessEx @ 0x805C736A -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD611910)
[Address] SSDT[53] : NtCreateThread @ 0x805C7208 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD611F2A)
[Address] SSDT[62] : NtDeleteFile @ 0x8056BE1C -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD613034)
[Address] SSDT[63] : NtDeleteKey @ 0x8061A716 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60ED54)
[Address] SSDT[65] : NtDeleteValueKey @ 0x8061A8E6 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60EE70)
[Address] SSDT[97] : NtLoadDriver @ 0x80579588 -> HOOKED (C:\WINDOWS\system32\drivers\khips.sys @ 0xF77B0F4C)
[Address] SSDT[108] : NtMapViewOfSection @ 0x805A7480 -> HOOKED (C:\WINDOWS\system32\drivers\khips.sys @ 0xF77B1232)
[Address] SSDT[116] : NtOpenFile @ 0x8056F39A -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612906)
[Address] SSDT[119] : NtOpenKey @ 0x8061B658 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60EB78)
[Address] SSDT[206] : NtResumeThread @ 0x805CAC22 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD6120DC)
[Address] SSDT[224] : NtSetInformationFile @ 0x80570284 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612CE0)
[Address] SSDT[247] : NtSetValueKey @ 0x8061880C -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD60F038)
[Address] SSDT[274] : NtWriteFile @ 0x80572248 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xAD612BB2)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
127.0.0.1 www.yamicsoft.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST960821A +++++
--- User ---
[MBR] 96ae1b6c7df365346740c616d08c681f
[BSP] d269bde5b70bf39116d91e392caddd0b : Acer MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 2996 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 6136830 | Size: 26866 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 61159455 | Size: 27368 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07222013_141857.txt >>
RKreport[0]_S_07222013_095449.txt;RKreport[0]_S_07222013_103918.txt

Locked